Search Results (7481 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3126 1 Antiword 1 Antiword 2025-04-03 N/A
The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files.
CVE-2003-0517 1 Mgetty Project 1 Mgetty 2025-04-03 5.5 Medium
faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files.
CVE-2004-1901 1 Gentoo 2 Linux, Portage 2025-04-03 5.5 Medium
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
CVE-2004-0217 2 Redhat, Symantec 2 Linux, Antivirus Scan Engine 2025-04-03 7.0 High
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
CVE-2003-0844 1 Schroepl 1 Mod Gzip 2025-04-03 7.1 High
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled.
CVE-2005-3011 2 Gnu, Redhat 2 Texinfo, Enterprise Linux 2025-04-03 N/A
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2002-0725 1 Microsoft 2 Windows 2000, Windows Nt 2025-04-03 5.5 Medium
NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.
CVE-2005-1879 1 Lutel 1 Lutelwall 2025-04-03 5.5 Medium
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
CVE-2005-2714 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-03 N/A
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.
CVE-2001-1378 2 Fetchmail, Redhat 2 Fetchmail, Linux 2025-04-03 N/A
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.
CVE-2000-0715 3 Conectiva, Kirk Bauer, Redhat 3 Linux, Diskcheck, Powertools 2025-04-03 N/A
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2006-1247 1 Ibm 1 Aix 2025-04-03 N/A
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-1999-0783 1 Freebsd 1 Freebsd 2025-04-03 5.5 Medium
FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system.
CVE-2004-1603 1 Cpanel 1 Cpanel 2025-04-03 5.5 Medium
cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled.
CVE-1999-0794 1 Microsoft 2 Excel, Office 2025-04-03 N/A
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.
CVE-2003-1528 1 Fujitsu 1 Siemens Networker 2025-04-03 N/A
nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file.
CVE-2001-1494 3 Avaya, Kernel, Redhat 8 Cvlan, Integrated Management Suit, Interactive Response and 5 more 2025-04-03 5.5 Medium
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
CVE-2000-0342 1 Qualcomm 1 Eudora 2025-04-03 7.5 High
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
CVE-2002-0824 1 Freebsd 1 Point-to-point Protocol Daemon 2025-04-03 N/A
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device.
CVE-2005-3349 1 Gnu 1 Gnump3d 2025-04-03 N/A
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.