Vulnerabilities (CVE)

Filtered by CWE-59
Total 1156 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-3916 1 Skk Openlab 1 Skk Tools 2024-11-21 4.4 MEDIUM N/A
The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file.
CVE-2007-3742 1 Apple 2 Iphone, Safari 2024-11-21 4.3 MEDIUM N/A
WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks.
CVE-2007-3103 2 Fedoraproject, Redhat 4 Fedora Core, Enterprise Linux, Enterprise Linux Desktop and 1 more 2024-11-21 6.2 MEDIUM N/A
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
CVE-2007-2978 1 Eggblog 1 Eggblog 2024-11-21 6.8 MEDIUM N/A
Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
CVE-2007-1027 1 Ibm 1 Db2 2024-11-21 4.4 MEDIUM N/A
Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file.
CVE-2006-5851 1 Openbase International Ltd 1 Openbase 2024-11-21 2.1 LOW N/A
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.
CVE-2006-1247 1 Ibm 1 Aix 2024-11-21 3.3 LOW N/A
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-3349 1 Gnu 1 Gnump3d 2024-11-21 1.9 LOW N/A
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.
CVE-2005-3126 1 Antiword 1 Antiword 2024-11-21 1.9 LOW N/A
The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files.
CVE-2005-3011 1 Gnu 1 Texinfo 2024-11-21 1.2 LOW N/A
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-2714 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 6.8 MEDIUM N/A
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.
CVE-2005-2527 1 Sun 1 Java 2024-11-20 1.2 LOW N/A
Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack.
CVE-2005-1916 2 Debian, Ekg Project 2 Debian Linux, Ekg 2024-11-20 2.1 LOW 5.5 MEDIUM
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
CVE-2005-1880 1 Everybuddy 1 Everybuddy 2024-11-20 2.1 LOW 5.5 MEDIUM
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
CVE-2005-1879 1 Lutel 1 Lutelwall 2024-11-20 2.1 LOW 5.5 MEDIUM
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
CVE-2005-1111 3 Canonical, Debian, Gnu 3 Ubuntu Linux, Debian Linux, Cpio 2024-11-20 3.7 LOW 4.7 MEDIUM
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
CVE-2005-0824 1 Mathopd 1 Mathopd 2024-11-20 3.6 LOW 5.5 MEDIUM
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dump files that are triggered by a SIGWINCH signal.
CVE-2005-0004 3 Debian, Mariadb, Oracle 3 Debian Linux, Mariadb, Mysql 2024-11-20 4.6 MEDIUM N/A
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
CVE-2004-2473 1 Wmfrog 1 Wmfrog 2024-11-20 1.2 LOW N/A
wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2004-1901 1 Gentoo 2 Linux, Portage 2024-11-20 4.6 MEDIUM 5.5 MEDIUM
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.