Apple TV and iOS Local Security Restriction Bypass Vulnerability (CVE-2015-1062)
Release date:
Updated on:
Affected Systems:
Apple TV <1, 7.1
Apple iOS <8.2
Description:
Bugtraq id: 73003
CVE (CAN) ID: CVE-2015-1062
IOS is an operating system developed by Apple for mobile devices. It supports iPhone, iPod touch, iPad, and Apple TV.
In versions earlier than Apple TV 7.1 and earlier than iOS 8.2, MobileStorageMounter does not correctly Delete invalid disk image folders. Attackers can create folders in any file system using specially crafted applications.
<* Source: Apple
TaiG Jailbreak Team
Link: https://support.apple.com/kb/HT1222
*>
Suggestion:
Vendor patch:
Apple
-----
Apple has released a Security Bulletin (APPLE-SA-2015-03-09-1) and patches for this:
APPLE-SA-2015-03-09-1: iOS 8.2
Link: https://support.apple.com/kb/HT1222
Patch download: http://lists.apple.com/archives/security-announce/2015/Mar/msg00000.html
IOS details: click here
This article permanently updates the link address: