Total
1299 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1916 | 2 Debian, Ekg Project | 2 Debian Linux, Ekg | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM |
| linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2001-0131 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2025-04-03 | 3.3 LOW | N/A |
| htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2005-3011 | 1 Gnu | 1 Texinfo | 2025-04-03 | 1.2 LOW | N/A |
| The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2000-0972 | 1 Hp | 1 Hp-ux | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM |
| HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates. | |||||
| CVE-2005-1880 | 1 Everybuddy | 1 Everybuddy | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM |
| everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. | |||||
| CVE-2005-0587 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 2.6 LOW | 6.5 MEDIUM |
| Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file. | |||||
| CVE-1999-1386 | 1 Perl | 1 Perl | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM |
| Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file. | |||||
| CVE-2002-2382 | 1 Cvsup | 1 Cvsup | 2025-04-03 | 7.2 HIGH | N/A |
| cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out. | |||||
| CVE-2005-0004 | 3 Debian, Mariadb, Oracle | 3 Debian Linux, Mariadb, Mysql | 2025-04-03 | 4.6 MEDIUM | N/A |
| The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. | |||||
| CVE-2001-1042 | 1 Transsoft | 1 Broker Ftp Server | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
| Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | |||||
| CVE-2005-0824 | 1 Mathopd | 1 Mathopd | 2025-04-03 | 3.6 LOW | 5.5 MEDIUM |
| The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dump files that are triggered by a SIGWINCH signal. | |||||
| CVE-2006-1247 | 1 Ibm | 1 Aix | 2025-04-03 | 3.3 LOW | N/A |
| rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2000-0715 | 2 Conectiva, Kirk Bauer | 2 Linux, Diskcheck | 2025-04-03 | 2.1 LOW | N/A |
| DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2000-1178 | 1 Joseph Allen | 1 Joe | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM |
| Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes. | |||||
| CVE-2001-1386 | 1 Texasimperialsoftware | 1 Wftpd | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
| WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension. | |||||
| CVE-2002-0725 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 4.6 MEDIUM | 5.5 MEDIUM |
| NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file. | |||||
| CVE-2004-0217 | 2 Redhat, Symantec | 2 Linux, Antivirus Scan Engine | 2025-04-03 | 3.7 LOW | 7.0 HIGH |
| The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log. | |||||
| CVE-1999-0794 | 1 Microsoft | 2 Excel, Office | 2025-04-03 | 4.6 MEDIUM | N/A |
| Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. | |||||
| CVE-2002-0824 | 1 Freebsd | 1 Point-to-point Protocol Daemon | 2025-04-03 | 6.9 MEDIUM | N/A |
| BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | |||||
| CVE-2004-0967 | 1 Aladdin Enterprises | 1 Ghostscript | 2025-04-03 | 7.2 HIGH | N/A |
| The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files. | |||||