The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions, which allows remote attackers to overwrite arbitrary files via the name and text parameters in a byword://replace URL.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2013-10-01T00:00:00Z
Updated: 2024-09-17T03:12:32.663Z
Reserved: 2013-09-11T00:00:00Z
Link: CVE-2013-5725
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2013-10-01T00:55:12.990
Modified: 2013-10-08T21:21:04.637
Link: CVE-2013-5725
Redhat
No data.