Users of iOS file-management apps File Lite and File Lite Pro might want to delete the apps from their iOS devices for now (or at least turn off WiFi sharing). That’s because the Vulnerability Laboratory has discovered three vulnerabilities in the latest versions of the apps, according to iMore.
The worst vulnerability allows an attacker to upload files to a user’s account without any interaction, while the other two permit code injection in the user’s browser while they are viewing file listings. All three exploits require that a user has the apps’ WiFi sharing option turned on.
Since the vulnerabilities were discovered on May 17th, the app has not been pulled from the App Store, nor has it been updated. Until an update is released fixing the vulnerabilities, users should at the very least disable WiFi sharing within the app.
File Lite, File Lite Pro for iPhone shown to have vulnerabilities originally appeared on TUAW – The Unofficial Apple Weblog on Mon, 20 May 2013 12:00:00 EST. Please see our terms for use of feeds.
Source | Permalink | Email this | Comments