Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVEs (1,500)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-4984 1Freedesktop 1Scratchbox2 Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (...Show more scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1) dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts.Show less
CVE-2008-4983 1Scilab 1Scilab Bin Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 scilab-bin 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/SciLink#####1, (b) /tmp/SciLink#####2, (c) /tmp/SciLink#####3, (d) /tmp/.#####, (e) /tmp/.#####.res, (f) /tmp/.#####.er...Show more scilab-bin 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/SciLink#####1, (b) /tmp/SciLink#####2, (c) /tmp/SciLink#####3, (d) /tmp/.#####, (e) /tmp/.#####.res, (f) /tmp/.#####.err, and (g) /tmp/*.#####.diff temporary files, related to the (1) scilink, (2) scidoc, and (3) scidem scripts.Show less
CVE-2008-4982 1John Horne 1Rkhunter Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270.
CVE-2008-4981 1Remi Vanicat 1Realtimebattle Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 perl.robot in realtimebattle 1.0.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl.robot.log temporary file.
CVE-2008-4980 1Zak B Elep 1Rccp Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file.
CVE-2008-4979 1Shrubbery 1Rancid Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /tmp/ipacct.##### temp...Show more getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /tmp/ipacct.##### temporary files.Show less
CVE-2008-4978 1Radiance 1Radiance Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 radiance 3R9+20080530 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/opt.fmt, (b) /tmp/out#####.fmt, (c) /tmp/tf#####.dat, (d) /tmp/gsf#####, (e) /tmp/sc#####.sh, (f) /tmp/il#####.pic, (...Show more radiance 3R9+20080530 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/opt.fmt, (b) /tmp/out#####.fmt, (c) /tmp/tf#####.dat, (d) /tmp/gsf#####, (e) /tmp/sc#####.sh, (f) /tmp/il#####.pic, (g) /tmp/tl#####.pic, (h) /tmp/ds#####.pic, (i) /tmp/tfa#####, and (j) /tmp/sed##### temporary files, related to the (1) optics2rad, (2) pdelta, (3) dayfact, and (4) raddepend scripts.Show less
CVE-2008-4977 1Postfix 1Postfix Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary...Show more postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it.Show less
CVE-2008-4976 1Alan Woodland 2Ogle Ogle Mmx Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/ogle_audio.#####, (b) /tmp/ogle_cli.#####, (c) /tmp/ogle_ctrl.#####, (d) /tmp/ogle_gui.#####, (e) /tmp/ogle_mp...Show more ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/ogle_audio.#####, (b) /tmp/ogle_cli.#####, (c) /tmp/ogle_ctrl.#####, (d) /tmp/ogle_gui.#####, (e) /tmp/ogle_mpeg_ps.#####, (f) /tmp/ogle_mpeg_vs.#####, (g) /tmp/ogle_nav.#####, and (h) /tmp/ogle_vout.#####, temporary files, related to the (1) ogle_audio_debug, (2) ogle_cli_debug, (3) ogle_ctrl_debug, (4) ogle_gui_debug, (5) ogle_mpeg_ps_debug, (6) ogle_mpeg_vs_debug, (7) ogle_nav_debug, and (8) ogle_vout_debug scripts.Show less
CVE-2008-4975 1Debian 1Newsgate Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file.
CVE-2008-4974 1Netmrg 1Netmrg Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 rrdedit in netmrg 0.20 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.xml and (2) /tmp/.backup temporary files.
CVE-2008-4973 1Debian 1Myspell Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 i2myspell in myspell 3.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/i2my#####.1 and (2) /tmp/i2my#####.2 temporary files.
CVE-2008-4972 1Steve Robbins 1Mgt Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 mailgo in mgt 2.31 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mailgo##### temporary file.
CVE-2008-4971 1Align.bmr.kyushu U.ac 1Mafft Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#???...Show more mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#?????, (7) /tmp/_q#?????, and (8) /tmp/_bf#????? temporary files.Show less
CVE-2008-4970 1Lustre 1Lustre Tests Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file.
CVE-2008-4969 1Alastair Mckinstry 1Ltp Network Test Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/, (c) /tmp/tcp/2/, (d) /tmp/udp/3/, (e) /tmp/tcp/3/, (f) /tmp/nfs_fsstress.udp.2....Show more ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/, (c) /tmp/tcp/2/, (d) /tmp/udp/3/, (e) /tmp/tcp/3/, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts.Show less
CVE-2008-4968 1Bitmover 1Lmbench Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file.
CVE-2008-4967 1Linuxtrade 1Linuxtrade Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and (c) /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) m...Show more linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and (c) /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) moneyam.helper scripts.Show less
CVE-2008-4966 1Openswan 1Linux Patch Openswan Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) maytest scripts.
CVE-2008-4965 1Savonet 1Liguidsoap Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/liguidsoap.liq, (2) /tmp/lig.#####.log, and (3) /tmp/emission.ogg temporary files.

Previous 1...666768...75 Next