Sunday, May 19, 2013

Multiple Vulnerabilities Found in File Lite and File Pro iOS Apps

Multiple Vulnerabilities Found in File Lite and File Pro iOS Apps

Bad news this week for any users of the iOS file management apps File Lite and File Pro. Researchers over at Vulnerability Laboratory have published details for three vulnerabilities that they discovered in the latest versions of both apps.

Ranging from low to high risk, two of the vulnerabilities allow for code injection in the user?s browser when they view a file listing, while the most severe vulnerability allows an attacker to upload arbitrary files to a user?s account without any user interaction. While the impact of these vulnerabilities could be quite severe, exploitation requires a victim to be running the app?s Wi-Fi Sharing option.

The Wi-Fi Sharing method for sharing files runs a web server locally on your iPhone. It appears that all of the published vulnerabilities rely on the web server running to be exploited. If you already have the app on your phone and don?t want to lose the documents you have in it, you should be fine leaving the app on your phone, just avoid using the Wi-Fi Sharing option. Although based on the insecurities found by Vulnerability Laboratory, it?s probably not unwise to start using a different app to manage your files.

    


Source: http://feedproxy.google.com/~r/TheIphoneBlog/~3/foCkyF9051c/story01.htm

kurt busch nba dunk contest 2012 act of valor woody guthrie benson henderson 2012 dunk contest edgar vs henderson

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.