cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-12-08
Updated
2022-10-14
A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. A malicious mail server may overwrite arbitrary mail files.
Max CVSS
9.1
EPSS Score
0.19%
Published
2020-10-22
Updated
2023-01-09
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files.
Max CVSS
7.5
EPSS Score
0.18%
Published
2020-10-27
Updated
2020-11-04
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
Max CVSS
7.5
EPSS Score
57.00%
Published
2018-06-07
Updated
2020-08-24
Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.
Max CVSS
6.8
EPSS Score
3.49%
Published
2015-10-23
Updated
2016-12-24
Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.28%
Published
2010-03-30
Updated
2013-09-10
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!