Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVEs (1,500)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-5313 1Mailscanner 1Mailscanner Apr 23, 2026 Dec 3, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) av...Show more mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file.Show less
CVE-2008-5312 1Mailscanner 1Mailscanner Apr 23, 2026 Dec 3, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) p...Show more mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140.Show less
CVE-2008-5299 1Karakas Online 1Chm2pdf Apr 23, 2026 Dec 1, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on .chm files in the (1) /tmp/chm2pdf/work or (2) /tmp/chm2pdf/orig temporary directories.
CVE-2008-5256 1Virtualox 1Virtualox Apr 23, 2026 Nov 27, 2008 N/A· v4 N/A· v3 4.4 MEDIUM· v2 The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-$USER-ipc/lock temporary file.
CVE-2008-5157 1Uoregon 1Tau Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau..##### or (2) /tmp/makefile.tau.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc s...Show more tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau..##### or (2) /tmp/makefile.tau.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts.Show less
CVE-2008-5156 1Dann Frazier 1Systemimager Server Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/.inetd.conf or (2) /tmp/pxe.conf..tmp temporary file.
CVE-2008-5155 1Smsclient 1Smsclient Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary files via a symlink attac...Show more mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary files via a symlink attack on the (3) /tmp/sms.log temporary file.Show less
CVE-2008-5154 1Koeniglich 1P3nfs Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/blue.log temporary file.
CVE-2008-5153 1Moodle 1Moodle Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.
CVE-2008-5152 1Peter S Galbraith 1Mh Book Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 inmail-show in mh-book 200605 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/inmail#####.log or (2) /tmp/inmail#####.stdin temporary file.
CVE-2008-5151 1Abottoms 1Mayavi Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/err.log temporary file.
CVE-2008-5150 1Jose Carlos Medeiros 1Maildirsync Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file.
CVE-2008-5149 1Aucko 1Libncbi6 Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
CVE-2008-5148 1Geda 1Gnetlist Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
CVE-2008-5147 1Holloway 1Docvert Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/outer.odt temporary file.
CVE-2008-5146 1Erl Wustl 1Ctn Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file.
CVE-2008-5145 1Debian 1Ltp Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu.##### temporary file.
CVE-2008-5144 1Federico Di Gregorio 1Nvidia Cg Toolkit Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file.
CVE-2008-5143 1Mohammed Sameer 1Multi Gnome Terminal Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/.debug or (2) /tmp/.env temporary file.
CVE-2008-5142 1Freebsd 1Freebsd Sendpr Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr.##### temporary file.

Previous 1...646566...75 Next