Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libimobiledevice ‘userpref.c’不安全临时文件创建漏洞
Vulnerability Description
libimobiledevice是一个可让Linux支持连接iPhone、iPodTouch等iOS设备的软件协议库和工具。 libimobiledevice 1.1.4版本中的userpref.c文件中存在安全漏洞,该漏洞源于程序以不安全的方式创建临时文件。本地攻击者可通过对/tmp/root/.config/libimobiledevice/目录下的多个文件实施符号链接攻击,利用该漏洞覆盖任意文件。文件包括:(1) HostCertificate.pem,(2) HostPrivateKey.pem,
CVSS Information
N/A
Vulnerability Type
N/A