160 matches found
CVE-2017-6435
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a crafted plist file...
CVE-2017-6436
CVE-2017-6436 affects libplist (libimobiledevice/libplist 1.12). The vulnerability resides in the parse_string_node function in bplist.c and can be triggered by a crafted plist file to cause a denial of service via a memory allocation error, via local access. Impact is DoS on affected systems; ex...
CVE-2017-6435
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a crafted plist file...
CVE-2017-6436
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation error via a crafted plist file...
CVE-2017-6438
CVE-2017-6438 affects libplist (libimobiledevice/libplist) 1.12, via a heap-based buffer overflow in parse_unicode_node() in bplist.c that can cause a denial of service and potentially code execution with a crafted plist. A patch/update is available from upstream/maintainers (refs in Red Hat Mage...
CVE-2017-6438
Heap-based buffer overflow in the parseunicodenode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service out-of-bounds write and possibly code execution via a crafted plist file...
CVE-2017-6437
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service out-of-bounds read via a crafted plist file...
CVE-2017-6435
CVE-2017-6435 affects libimobiledevice libplist 1.12. The parse_string_node function in bplist.c is reported to allow local users to cause a denial of service through a crafted plist file, resulting in memory corruption. The vulnerability is locally exploitable; the description does not specify e...
CVE-2017-6439
Heap-based buffer overflow in the parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service out-of-bounds write via a crafted plist file...
CVE-2017-6439
CVE-2017-6439 is a heap-based buffer overflow in the parse_string_node function of libimobiledevice/libplist 1.12. It allows local users to cause a denial of service via a crafted plist file (out-of-bounds write). Affected software: libimobiledevice/libplist (version 1.12). Connected sources conf...
CVE-2017-6440
The parsedatanode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation error via a crafted plist file...
libimobiledevice libplist Heap Buffer Overflow Vulnerability
libimobiledevice is a software protocol library and tool that allows Linux to support connectivity to iOS devices such as the iPhone, iPodTouch, etc. libplist is one of the libraries that handles the Apple Property List format in binary or XML format. A heap buffer overflow vulnerability exists i...
libimobiledevice libplist heap buffer overflow vulnerability (CNVD-2017-01279)
libimobiledevice is a software protocol library and tool that allows Linux to support connectivity to iOS devices such as the iPhone, iPodTouch, etc. libplist is one of the libraries that handles the Apple Property List format in binary or XML format. A stack buffer overflow vulnerability exists ...
libimobiledevice libplist Denial of Service Vulnerability
libimobiledevice is a software protocol library and tool that allows Linux to support connectivity to iOS devices such as the iPhone, iPodTouch, etc. libplist is one of the libraries that handles the ApplePropertyList format in either binary or XML format. A denial of service vulnerability exists...
Exposure Of IOS Device To Attacker
libimobiledevice and libusbmuxd are vulnerable to exposure of iOS decive to attacker on the local network. The attack is possible because of a flaw in the socketcreate function in common/socket.c in libimobiledevice and libusbmuxd, leading to the bypass of intended access restrictions. Therefore,...
[ASA-201701-34] libimobiledevice: access restriction bypass
Arch Linux Security Advisory ASA-201701-34 ========================================== Severity: Medium Date : 2017-01-27 CVE-ID : CVE-2016-5104 Package : libimobiledevice Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-8 Summary ======= The package...
Libimobiledevice Libplist 'plistutil.c' stack buffer overflow vulnerability
libimobiledevice is a software protocol library and tool that allows Linux to support connectivity to iOS devices such as the iPhone, iPodTouch, etc. libplist is one of the libraries that handles the ApplePropertyList format in either binary or XML format. A stack buffer overflow vulnerability...
CVE-2017-5545
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via Apple Property List data that is too short...
Design/Logic Flaw
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via Apple Property List data that is too short...
CVE-2017-5545
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via Apple Property List data that is too short...