Use of Incorrectly-Resolved Name or Reference
This vulnerability occurs when software uses a name, path, or reference to access a resource, but that identifier points to something outside the area the application is supposed to control, leading to unauthorized access or manipulation.
Think of it like asking for a file by a simple name like 'config.txt'. Without proper resolution, the system might find a different 'config.txt' in a parent directory or a linked location that the developer never intended the application to use. This incorrect resolution often stems from relative paths, symbolic links, search path issues, or logic that doesn't fully qualify a resource's location, creating a gap between what the developer expects and what the system actually accesses. For developers, the core risk is a loss of control. An attacker can exploit this by placing a malicious resource with a predictable name in a location that gets searched first, or by manipulating links and environment variables to redirect references. To prevent this, always use absolute paths or canonical paths when possible, explicitly validate and sanitize user input used in resource resolution, and implement mechanisms like chroot jails or security policies that strictly define the application's permitted control sphere.
Impact: Read Application DataModify Application Data