Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVEs (1,500)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-4964 1Krzysztof Kozlowski 1Konwert Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary files via a symlink attack on a /tmp/any-##### temporary file.
CVE-2008-4960 1Dov Grobgeld 1Impose+ Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/-tmp.ps and (2) /tmp/bboxx- temporary files.
CVE-2008-4959 1Gpsdrive 1Gpsdrive Scripts Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/geo.google, (2) /tmp/geo.yahoo, (3) /tmp/geo.coords, and (4) /tmp/geo#####.coords temporary files.
CVE-2008-4958 1Alejandro Garrido Mota 1Gdrae Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file.
CVE-2008-4957 1Gccxml 1Gccxml Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file.
CVE-2008-4956 1Firewallbuilder 1Fwbuilder Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file.
CVE-2008-4955 1Duncan Webb 1Freevo Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.2 MEDIUM· v2 freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/.stats temporary files. NOTE: this iss...Show more freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is activated by modifying source code.Show less
CVE-2008-4954 1Fumitoshi Ukai 1Fml Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file.
CVE-2008-4953 1Firehol 1Firehol Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-- and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, s...Show more firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-- and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks.Show less
CVE-2008-4952 1Emacs 1Emacs Jabber Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file.
CVE-2008-4951 1Gplhost 1Dtc Common Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wra...Show more dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wrapper scripts.Show less
CVE-2008-4950 1Debian 1Dpkg Cross Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in t...Show more gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments within a chroot.Show less
CVE-2008-4949 1Manoj Srivastava 1Dist Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 dist 3.5 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/cil#####, (b) /tmp/pdo#####, and (c) /tmp/pdn##### temporary files, related to the (1) patcil and (2) patdiff scripts.
CVE-2008-4948 1Nostatic 1Digitaldj Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file.
CVE-2008-4947 1Guus Sliepen 1Dhis Server Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file.
CVE-2008-4946 1Convirture 1Convirt Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3) Fedora_PV_Insta...Show more convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3) Fedora_PV_Install/provision.sh, (4) CentOS_PV_Install/provision.sh, (5) common/provision.sh, (6) example/provision.sh, and (7) Windows_CD_Install/provision.sh scripts in image_store/.Show less
CVE-2008-4945 1Tivano 1Cdrw Taper Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite arbitrary files via a symlink attack involving a /tmp/amlabel-cdrw.##### temporary directory.
CVE-2008-4944 1Gleydson Mazioli Da Silva 1Cdcontrol Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 writtercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink attack on /tmp/v-recorder*-out temporary files.
CVE-2008-4943 1Iglues 1Bulmages Servers Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) crea...Show more bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) creabulmacont, and possibly (3) actualizabulmacont, (4) installbulmages-db, and (5) actualizabulmafact scripts.Show less
CVE-2008-4942 1Audiolink 1Audiolink Apr 23, 2026 Nov 5, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 audiolink in audiolink 0.05 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/audiolink.db.tmp and (2) /tmp/audiolink.tb.tmp temporary files.

Previous 1...676869...75 Next