The software update mechanism as used in Bare Bones Software Yojimbo before 4.0, TextWrangler before 4.5.3, and BBEdit before 10.5.5 does not properly download and verify updates before installation, which allows attackers to perform "tampering or corruption" of the updates.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-12-31T20:00:00

Updated: 2024-08-06T16:14:56.656Z

Reserved: 2013-05-24T00:00:00

Link: CVE-2013-3667

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-12-31T20:55:15.167

Modified: 2024-11-21T01:54:06.060

Link: CVE-2013-3667

cve-icon Redhat

No data.