15 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-6435
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a crafted plist...
Mageia: Security Advisory (MGASA-2018-0025)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2201-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libplist (EulerOS-SA-2020-1404)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : libplist (EulerOS-SA-2020-1404)
According to the version of the libplist package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a...
Debian: Security Advisory (DLA-2168-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2168-1] libplist security update
Package : libplist Version : 1.11-3+deb8u1 CVE ID : CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-6435 CVE-2017-6436 CVE-2017-6439 CVE-2017-7982 Debian Bug : 851196 852385 854000 860945 libplist is a library for reading and writing the Apple binary and XML property lists format...
Huawei EulerOS: Security Advisory for libplist (EulerOS-SA-2019-2207)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : libplist (EulerOS-SA-2019-2207)
According to the versions of the libplist package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption vi...
[slackware-security] libplist
New libplist packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libplist-2.0.0-i586-1slack14.2.txz: Upgraded. This update fixes several security issues. For more information, see:...
openSUSE Security Update : libplist (openSUSE-2017-953)
This update for libplist fixes the following issues : Security issues fixed : - CVE-2017-6439: Heap-based buffer overflow in the parsestringnode function. bsc1029638 - CVE-2017-6438: Heap-based buffer overflow in the parseunicodenode function. bsc1029706 - CVE-2017-6437: The base64encode function...
Fedora 25 : libplist (2017-4047180cd3)
Version 2.0.0 Changes : - New light-weight custom XML parser - Remove libxml2 dependency - Refactor binary plist parsing - Improved malformed XML and binary plist detection and error handling - Add parser debug/error output when compiled with --enable-debug, controlled via environment variables -...
[ASA-201705-18] libplist: multiple issues
Arch Linux Security Advisory ASA-201705-18 ========================================== Severity: High Date : 2017-05-16 CVE-ID : CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 CVE-2017-6435 CVE-2017-6436 CVE-2017-6437 CVE-2017-6438 CVE-2017-6439 CVE-2017-6440 Package :...
[SECURITY] [DLA 870-1] libplist security update
Package : libplist Version : 1.8-1+deb7u3 CVE ID : CVE-2017-6435 CVE-2017-6436 CVE-2017-6439 More vulnerabilities were discovered in libplist, a library for reading and writing the Apple binary and XML property lists format. A maliciously crafted plist file could cause a denial-of-service...
CVE-2017-6435
CVE-2017-6435 affects libimobiledevice libplist 1.12. The parse_string_node function in bplist.c is reported to allow local users to cause a denial of service through a crafted plist file, resulting in memory corruption. The vulnerability is locally exploitable; the description does not specify e...