CWE-72 - Improper Handling of Apple HFS+ Alternate Data Stream Path
- Abstraction:Variant
- Structure:Simple
- Status:Incomplete
- Release Date:2006-07-19
- Latest Modification Date:2023-06-29
Weakness Name
Improper Handling of Apple HFS+ Alternate Data Stream Path
Description
The product does not properly handle special paths that may identify the data or resource fork of a file on the HFS+ file system.
If the product chooses actions to take based on the file name, then if an attacker provides the data or resource fork, the product may take unexpected actions. Further, if the product intends to restrict access to a file, then an attacker might still be able to bypass intended access restrictions by requesting the data or resource fork for that file.
Common Consequences
Scope: Confidentiality, Integrity
Impact: Read Files or Directories, Modify Files or Directories
Related Weaknesses
CWE-66Improper Handling of File Names that Identify Virtual Resources
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
Max severity RCE flaw discovered in widely used Apache Parquet
Hunters International shifts from ransomware to pure data extortion
CISA warns of Fast Flux DNS evasion used by cybercrime gangs
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2018-8639 Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
CVE-2017-0148 Microsoft SMBv1 Server Remote Code Execution Vulnerability
CVE-2018-19410 Paessler PRTG Network Monitor Local File Inclusion Vulnerability
InformationalBase64 Disclosure
MediumFile Upload
MediumInteger Overflow Error
InformationalCharset Mismatch