CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
73.8%
Severity: High
Date : 2017-05-16
CVE-ID : CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835
CVE-2017-5836 CVE-2017-6435 CVE-2017-6436 CVE-2017-6437
CVE-2017-6438 CVE-2017-6439 CVE-2017-6440
Package : libplist
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-215
The package libplist before version 2.0.0-1 is vulnerable to multiple
issues including arbitrary command execution, denial of service and
information disclosure.
Upgrade to 2.0.0-1.
The problems have been fixed upstream in version 2.0.0.
None.
The base64decode function in base64.c in libimobiledevice libplist
through 1.12 allows attackers to obtain sensitive information from
process memory or cause a denial of service (buffer over-read) via
split encoded Apple Property List data.
The main function in plistutil.c in libimobiledevice libplist through
1.12 allows attackers to obtain sensitive information from process
memory or cause a denial of service (buffer over-read) via Apple
Property List data that is too short.
The parse_dict_node function in bplist.c in libplist allows attackers
to cause a denial of service (out-of-bounds heap read and crash) via a
crafted file.
libplist allows attackers to cause a denial of service (large memory
allocation and crash) via vectors involving an offset size of zero.
The plist_free_data function in plist.c in libplist allows attackers to
cause a denial of service (crash) via vectors involving an integer node
that is treated as a PLIST_KEY and then triggers an invalid free.
The parse_string_node function in bplist.c in libimobiledevice libplist
1.12 allows local users to cause a denial of service (memory
corruption) via a crafted plist file.
The parse_string_node function in bplist.c in libimobiledevice libplist
1.12 allows local users to cause a denial of service (memory allocation
error) via a crafted plist file.
The base64encode function in base64.c in libimobiledevice libplist 1.12
allows local users to cause a denial of service (out-of-bounds read)
via a crafted plist file.
Heap-based buffer overflow in the parse_unicode_node function in
bplist.c in libimobiledevice libplist 1.12 allows local users to cause
a denial of service (out-of-bounds write) and possibly code execution
via a crafted plist file.
Heap-based buffer overflow in the parse_string_node function in
bplist.c in libimobiledevice libplist 1.12 allows local users to cause
a denial of service (out-of-bounds write) via a crafted plist file.
The parse_data_node function in bplist.c in libimobiledevice libplist
1.12 allows local users to cause a denial of service (memory allocation
error) via a crafted plist file.
An attacker is able to crash the process, read sensitive information or
execute arbitrary code on the host by providing a crafted plist file or
string.
https://github.com/libimobiledevice/libplist/issues/93
https://github.com/libimobiledevice/libplist/issues/94
https://github.com/libimobiledevice/libplist/issues/95
https://github.com/libimobiledevice/libplist/issues/99
https://github.com/libimobiledevice/libplist/issues/98
https://github.com/libimobiledevice/libplist/issues/100
https://github.com/libimobiledevice/libplist/blob/master/NEWS
https://bugzilla.redhat.com/show_bug.cgi?id=1412613
https://bugzilla.redhat.com/show_bug.cgi?id=1416002
https://bugzilla.redhat.com/show_bug.cgi?id=1418591
https://bugzilla.redhat.com/show_bug.cgi?id=1418592
https://bugzilla.redhat.com/show_bug.cgi?id=1418593
https://security.archlinux.org/CVE-2017-5209
https://security.archlinux.org/CVE-2017-5545
https://security.archlinux.org/CVE-2017-5834
https://security.archlinux.org/CVE-2017-5835
https://security.archlinux.org/CVE-2017-5836
https://security.archlinux.org/CVE-2017-6435
https://security.archlinux.org/CVE-2017-6436
https://security.archlinux.org/CVE-2017-6437
https://security.archlinux.org/CVE-2017-6438
https://security.archlinux.org/CVE-2017-6439
https://security.archlinux.org/CVE-2017-6440
bugzilla.redhat.com/show_bug.cgi?id=1412613
bugzilla.redhat.com/show_bug.cgi?id=1416002
bugzilla.redhat.com/show_bug.cgi?id=1418591
bugzilla.redhat.com/show_bug.cgi?id=1418592
bugzilla.redhat.com/show_bug.cgi?id=1418593
github.com/libimobiledevice/libplist/blob/master/NEWS
github.com/libimobiledevice/libplist/issues/100
github.com/libimobiledevice/libplist/issues/93
github.com/libimobiledevice/libplist/issues/94
github.com/libimobiledevice/libplist/issues/95
github.com/libimobiledevice/libplist/issues/98
github.com/libimobiledevice/libplist/issues/99
security.archlinux.org/AVG-215
security.archlinux.org/CVE-2017-5209
security.archlinux.org/CVE-2017-5545
security.archlinux.org/CVE-2017-5834
security.archlinux.org/CVE-2017-5835
security.archlinux.org/CVE-2017-5836
security.archlinux.org/CVE-2017-6435
security.archlinux.org/CVE-2017-6436
security.archlinux.org/CVE-2017-6437
security.archlinux.org/CVE-2017-6438
security.archlinux.org/CVE-2017-6439
security.archlinux.org/CVE-2017-6440
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
73.8%