Linux Distros Unpatched Vulnerability : CVE-2017-5545

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denia...

RHEL 6 : libplist (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libplist: Out-of-bounds heap buffer read in plistutil CVE-2017-5545 - The parsedictnode function in...

RHEL 7 : libplist (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libplist: Out-of-bounds heap buffer read in plistutil CVE-2017-5545 - The parsedictnode function in...

Mageia: Security Advisory (MGASA-2018-0025)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2021-1874

Software: libimobiledevice 1.2.0 OS: Cobalt 7.9 CVE-ID: CVE-2017-5209 CVE-Crit: CRITICAL CVE-DESC: The base64decode function in base64.c in libimobiledevice libplist before 1.12 allows attackers to retrieve sensitive information from process memory or cause a denial of service buffer overflow usi...

SUSE: Security Advisory (SUSE-SU-2017:1379-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1368-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-2168-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2168-1] libplist security update

Package : libplist Version : 1.11-3+deb8u1 CVE ID : CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-6435 CVE-2017-6436 CVE-2017-6439 CVE-2017-7982 Debian Bug : 851196 852385 854000 860945 libplist is a library for reading and writing the Apple binary and XML property lists format...

Huawei EulerOS: Security Advisory for libplist (EulerOS-SA-2019-2207)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : libplist (EulerOS-SA-2019-2395)

According to the versions of the libplist package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libplist allows attackers to cause a denial of service large memory allocation and crash via vectors involving an offset size of...

EulerOS 2.0 SP5 : libplist (EulerOS-SA-2019-2207)

According to the versions of the libplist package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption vi...

[slackware-security] libplist

New libplist packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libplist-2.0.0-i586-1slack14.2.txz: Upgraded. This update fixes several security issues. For more information, see:...

openSUSE Security Update : libplist (openSUSE-2017-627)

This update for libplist fixes the following issues : - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data bsc1019531. - CVE-2017-5545:...

SUSE SLED12 / SLES12 Security Update : libplist (SUSE-SU-2017:1379-1)

This update for libplist fixes the following issues : - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data bsc1019531. - CVE-2017-5545:...

SUSE-SU-2017:1379-1 Security update for libplist

This update for libplist fixes the following issues: - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data bsc1019531. - CVE-2017-5545: T...

SUSE SLED12 / SLES12 Security Update : libplist (SUSE-SU-2017:1368-1)

This update for libplist fixes the following security issues : - CVE-2017-5545: The main function in plistutil.c in libimobiledevice libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via Apple Property List data that is to...

[ASA-201705-18] libplist: multiple issues

Arch Linux Security Advisory ASA-201705-18 ========================================== Severity: High Date : 2017-05-16 CVE-ID : CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 CVE-2017-6435 CVE-2017-6436 CVE-2017-6437 CVE-2017-6438 CVE-2017-6439 CVE-2017-6440 Package :...

Fedora 25 : libplist (2017-4047180cd3)

Version 2.0.0 Changes : - New light-weight custom XML parser - Remove libxml2 dependency - Refactor binary plist parsing - Improved malformed XML and binary plist detection and error handling - Add parser debug/error output when compiled with --enable-debug, controlled via environment variables -...

Debian DLA-811-1 : libplist security update

The following vulnerabilities have been fixed in libplist : CVE-2017-5209 Out of bounds read when parsing specially crafted Apple plist file CVE-2017-5545 Heap buffer overflow via crafted Apple plist file For Debian 7 'Wheezy', these problems have been fixed in version 1.8-1+deb7u1. We recommend...