Search Results (1855 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-5805 1 Ibm 1 Aix 2026-04-23 N/A
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804.
CVE-2007-5437 1 Broadcom 1 Etrust Integrated Threat Management 2026-04-23 N/A
The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689.
CVE-2009-1867 2 Adobe, Redhat 4 Air, Flash Player, Flex and 1 more 2026-04-23 N/A
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "clickjacking vulnerability."
CVE-2009-1893 2 Isc, Redhat 2 Dhcp, Enterprise Linux 2026-04-23 N/A
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.
CVE-2009-1753 1 Emn 1 Coccinelle 2026-04-23 N/A
Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file."
CVE-2007-6208 1 Claws Mail 1 Claws Mail Tools 2026-04-23 N/A
sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file.
CVE-2007-5718 2 Debian, Vobcopy 2 Debian Linux, Vobcopy 2026-04-23 N/A
vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file.
CVE-2008-6398 1 Eric Raymond 1 Sng 2026-04-23 N/A
sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/recompiled$$.png, (2) /tmp/decompiled$$.sng, and (3) /tmp/canonicalized$$.sng temporary files.
CVE-2007-5664 1 Ibm 1 Db2 Universal Database 2026-04-23 N/A
db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization.
CVE-2008-5142 1 Freebsd 1 Freebsd-sendpr 2026-04-23 N/A
sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr.##### temporary file.
CVE-2007-4998 1 Linux 1 Linux Kernel 2026-04-23 N/A
cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.
CVE-2008-5312 1 Mailscanner 1 Mailscanner 2026-04-23 N/A
mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140.
CVE-2006-5851 1 Openbase International Ltd 1 Openbase 2026-04-23 N/A
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.
CVE-2008-5034 1 A Mennucc1 1 Printfilters-ppd 2026-04-23 N/A
master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filter.debug temporary file. NOTE: the vendor disputes this vulnerability, stating 'this package does not have " possibility of attack with the help of symlinks"'
CVE-2008-5313 1 Mailscanner 1 Mailscanner 2026-04-23 N/A
mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file.
CVE-2008-5369 1 No-ip 1 No-ip2 2026-04-23 N/A
noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/noip2 temporary file.
CVE-2008-4990 1 Enomaly 1 Elastic Computing Platform 2026-04-23 N/A
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.
CVE-2008-6759 1 Viart 1 Viart Shop 2026-04-23 N/A
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a URL in the POST_DATA parameter to manuals_search.php, which reveals the installation path in an error message.
CVE-2008-5368 1 Lukas Ruf 1 Muttprint 2026-04-23 N/A
muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file.
CVE-2008-5153 1 Moodle 1 Moodle 2026-04-23 N/A
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.