3 matches found
CVE-2013-0979
lockdownd in Lockdown in Apple iOS before 6.1.3 does not properly consider file types during the permission-setting step of a backup restoration, which allows local users to change the permissions of arbitrary files via a backup that contains a pathname with a symlink...
CVE-2013-0979
CVE-2013-0979 affects Apple iOS before 6.1.3, where lockdownd did not properly consider file types during permission setting in backup restorations. This allowed a local user to change permissions on arbitrary files when a backup path included a symlink. The issue is fixed in the iOS 6.1.3 securi...
Apple iPhone/iPad/iPod touch iOS 6.1.3之前版本本地安全绕过漏洞(CVE-2013-0979)
BUGTRAQ ID: 58588 CVECAN ID: CVE-2013-0979 Apple iOS是由苹果公司开发的手持设备操作系统。 iPhone, iPod touch, iPad上使用的Apple iOS 6.1.3之前版本在从备份恢复时,lockdownd更改了某些文件的权限,即使这些文件的路径包含了符号链接,本地攻击者可利用此漏洞更改任意文件的权限。 0 Apple iOS = 6.1.3 厂商补丁: Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://support.apple.com/...