Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.
Base Score: 6.8
Impact Score: 6.4
Exploitability Score: 8.6
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to 9.0.2 (inclusive)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.11.0 (inclusive)
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* versions up to 2.0.0 (inclusive)
View all (4 total)