← back
CVE-2017-2390

CVE-2017-2390

EPSS 0.4%
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows local users to change arbitrary directory permissions via unspecified vectors.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.apple.com/HT207601https://support.apple.com/HT207602https://support.apple.com/HT207615https://support.apple.com/HT207617http://www.securityfocus.com/bid/97137http://www.securitytracker.com/id/1038138