Apple IPhone Configuration Web Utility Directory Traversal Vulnerability Network Vulnerability

Summary

This host has Apple iPhone Configuration Web Utility installed and is prone to directory traversal vulnerability.

Impact

Successful exploitation could allow attackers to download arbitrary files from the affected system via directory traversal attacks. Impact Level: Application

Solution

Upgrade to iPhone Configuration Utility 1.1 http://support.apple.com/downloads/iPhone_Configuration_Utility_1_1_for_Windows

Insight

The issue is due to an input validation error when processing HTTP GET requests.

Affected

iPhone Configuration Web Utility 1.0.x for Windows

References

http://secunia.com/advisories/32852

Updated on 2017-03-28

Severity

Classification

CVE CVE-2008-5315

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:C/I:N/A:N

Related Vulnerabilities

Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Mac OS X)
Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Windows)
Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
Adobe Acrobat Multiple Vulnerabilities - Windows

Apple iPhone Configuration Web Utility Directory Traversal Vulnerability

Take action and discover your vulnerabilities