Vulnerabilities > Libimobiledevice > Libimobiledevice > 1.1.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-06-13 | CVE-2016-5104 | Improper Access Control vulnerability in multiple products The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket. | 5.0 |
2014-01-19 | CVE-2013-2142 | Link Following vulnerability in Libimobiledevice 1.1.4 userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/. | 3.3 |