Libimobiledevice » Libimobiledevice : Security Vulnerabilities, CVEs,
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
Max CVSS
5.3
EPSS Score
0.52%
Published
2016-06-13
Updated
2018-10-30
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/.
Max CVSS
3.3
EPSS Score
0.04%
Published
2014-01-19
Updated
2014-01-21
2 vulnerabilities found