CVE-2013-2142
Publication date 4 June 2013
Last updated 24 July 2024
Ubuntu priority
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/.
Status
Package | Ubuntu Release | Status |
---|---|---|
libimobiledevice | ||
Patch details
Package | Patch details |
---|---|
libimobiledevice |
References
Related Ubuntu Security Notices (USN)
- USN-1927-1
- libimobiledevice vulnerability
- 14 August 2013