CVE Vulnerabilities

CVE-2013-5725

Published: Oct 01, 2013 | Modified: Oct 08, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions, which allows remote attackers to overwrite arbitrary files via the name and text parameters in a byword://replace URL.

Affected Software

Name Vendor Start Version End Version
Byword Metaclassy 2.0.0 2.0.0
Byword Metaclassy 2.0.1 2.0.1
Byword Metaclassy 2.0.2 2.0.2
Byword Metaclassy 2.0.3 2.0.3

References