RSS   Vulnerabilities for 'ARQ'   RSS

2018-01-31
 
CVE-2017-16945

CWE-264
 

 
The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted restore path.

 
 
CVE-2017-16928

CWE-264
 

 
The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip.

 


Copyright 2018, cxsecurity.com

 

Back to Top