CVE-1999-1386

Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.

Publication date: Fri, 31 Dec 1999 11:00:00 +0000

Cyber News related to CVE-1999-1386

CVE-1999-0282 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reason: This candidate combined references from one issue with the description from another issue. Notes: Users should consult CVE-1999-1584 and ...
55 years ago Tenable.com

CVE-1999-1386 - Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file. ...
1 year ago

CVE-1999-0187 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0022. Reason: This candidate is a duplicate of CVE-1999-0022. Notes: All CVE users should reference CVE-1999-0022 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-1999-0110 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0315. Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315. Notes: All CVE users should reference ...
55 years ago Tenable.com

CVE-1999-0020 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-1999-1108 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1107. Reason: This candidate is a duplicate of CVE-1999-1107. Notes: All CVE users should reference CVE-1999-1107 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-1999-0335 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-1999-1310 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1022. Reason: This candidate is a duplicate of CVE-1999-1022. Notes: All CVE users should reference CVE-1999-1022 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-1999-1056 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1395. Reason: This candidate is a duplicate of CVE-1999-1395. Notes: All CVE users should reference CVE-1999-1395 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-2005-0200 - TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2004-1386. ...
12 years ago

CVE-2013-1384 - Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386. ...
11 years ago

CVE-2013-1386 - Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1384. ...
11 years ago

CVE-2004-1386 - TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200. ...
7 years ago

CVE-2009-1386 - ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello. ...
1 year ago

CVE-2010-1386 - page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357. ...
13 years ago

CVE-2012-1386 - Unspecified vulnerability in the YouMail Visual Voicemail Plus (com.youmail.android.vvm) application 2.0.45 and 2.1.43 for Android has unknown impact and attack vectors. ...
12 years ago

CVE-2002-1386 - Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument. ...
8 years ago

CVE-2005-1386 - PHP-Nuke 7.6 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) ipban.php, (2) db.php, (3) lang-norwegian.php, (4) lang-indonesian.php, (5) lang-greek.php, (6) a request to Web_Links with the portuguese ...
8 years ago

CVE-2016-1386 - The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0(1) allows remote attackers to spoof administrative notifications via crafted attribute-value pairs, aka Bug ID CSCux15521. ...
1 year ago

CVE-2006-1386 - The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore access control settings, which allows remote attackers to read restricted areas and access restricted content in TWiki topics. ...
7 years ago

CVE-2003-1386 - AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file. ...
7 years ago

CVE-2011-1386 - IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1, 6.2.0, and 6.2.1 do not properly handle signature validations based on SAML 1.0, 1.1, and 2.0, which allows remote attackers to bypass ...
7 years ago

CVE-2014-1386 - WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other ...
7 years ago

CVE-2015-1386 - Directory traversal vulnerability in unshield 1.0-1. ...
7 years ago

CVE-2001-1386 - WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension. ...
7 years ago

Latest Cyber News

whoAMI attacks give hackers code execution on Amazon EC2 instances - 28 minutes ago
Roundtable: Is DOGE Flouting Cybersecurity for US Data? - 1 hour ago
How Public & Private Sectors Can Better Align Cyber Defense - 2 hours ago
Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware - 2 hours ago
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - 3 hours ago
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - 4 hours ago
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - 4 hours ago
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 5 hours ago
Threat Actors In Russia, China, and Iran Targeting Local Communities In The U.S - New Report - 5 hours ago
Hacker leaks account data of 12 million Zacks Investment users - 6 hours ago
APT43 Hackers Attacking Academic Institutions With Exposed Credentials - 7 hours ago
An Italian journalist speaks about being targeted with Paragon spyware | The Record from Recorded Future News - 7 hours ago
CVE-2025-25901 - 7 hours ago
CVE-2025-24904 - 7 hours ago
CVE-2025-25355 - 7 hours ago
CVE-2024-12011 - 7 hours ago
ANYRUN Safebrowsing Extension - Analyse Any Malicious URL for Free - 8 hours ago
CVE-2025-0426 - 8 hours ago
Munich Cyber Security and Security Conferences 2025 [Live Updates] | The Record from Recorded Future News - 9 hours ago
Chinese espionage tools deployed in RA World ransomware attack - 9 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

whoAMI attacks give hackers code execution on Amazon EC2 instances - 28 minutes ago
Roundtable: Is DOGE Flouting Cybersecurity for US Data? - 1 hour ago
Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware - 2 hours ago
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - 3 hours ago
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - 4 hours ago
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - 4 hours ago
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 5 hours ago
Threat Actors In Russia, China, and Iran Targeting Local Communities In The U.S - New Report - 5 hours ago
Hacker leaks account data of 12 million Zacks Investment users - 6 hours ago
CVE-2025-0995 - 2 days ago
CVE-2025-0996 - 2 days ago
CVE-2025-0997 - 2 days ago
CVE-2025-0998 - 2 days ago
CVE-2025-24528 - 1 day ago
CVE-2024-11343 - 1 day ago
CVE-2024-12629 - 1 day ago
CVE-2024-9870 - 1 day ago
CVE-2025-0332 - 1 day ago
CVE-2025-0516 - 1 day ago
CVE-2025-1208 - 1 day ago