Описание
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "libarchive" component, which allows local users to write to arbitrary files via vectors related to symlinks.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.1.1 (включая)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Конфигурация 2Версия до 10.12.1 (включая)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Конфигурация 3Версия до 2.2.2 (включая)
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00087
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-59
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "libarchive" component, which allows local users to write to arbitrary files via vectors related to symlinks.
fstec
почти 9 лет назад
Уязвимость операционных систем Mac OS X и iOS, позволяющая нарушителю изменять произвольные файлы
EPSS
Процентиль: 25%
0.00087
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-59