CVE-2017-16928

2018-01-31T15:29:00
ID CVE-2017-16928
Type cve
Reporter NVD
Modified 2018-02-14T09:05:36

Description

The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip.