CVE-2013-2142

Priority
Description
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are
not set, allows local users to overwrite arbitrary files via a symlink
attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3)
libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in
/tmp/root/.config/libimobiledevice/.
Assigned-to
mdeslaur
Notes
More Information

Updated: 2020-03-18 22:12:22 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)