CWE-64 - Windows Shortcut Following (.LNK)

Description

The product, when opening a file or directory, does not sufficiently handle when the file is a Windows shortcut (.LNK) whose target is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.

Latest vulnerabilities for CWE-64

No vulnerabilities found using your search criteria

References

Description of CWE-64 on Mitre website