CVE-2015-1062

2015-03-1210:00:00

apple

www.cve.org

AI Score

5.6

Confidence

Low

EPSS

0.002

Percentile

64.6%

JSON

MobileStorageMounter in Apple iOS before 8.2 and Apple TV before 7.1 does not delete invalid disk-image folders, which allows attackers to create folders in arbitrary filesystem locations via a crafted app.

References

lists.apple.com/archives/security-announce/2015/Mar/msg00000.html

lists.apple.com/archives/security-announce/2015/Mar/msg00001.html

www.securitytracker.com/id/1031864

support.apple.com/HT204423

support.apple.com/HT204426