13 matches found
libplist 'parse_string_node()' local heap buffer overflow vulnerability
libimobiledevice is a software protocol library and tool that allows Linux to support connectivity to iOS devices such as the iPhone, iPodTouch, etc. libplist is one of the libraries that handles the Apple Property List format in binary or XML format. A local heap buffer overflow vulnerability...
Denial Of Service (DoS)
libplist is vulnerable to denial of service DoS attacks. The vulnerability exists because the parsestringnode function in bplist.c does not properly handle malloc failure , allowing the attacker to cause a denial of service through a plist file locally...
CVE-2017-6439
Heap-based buffer overflow in the parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service out-of-bounds write via a crafted plist file...
CVE-2017-6436
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation error via a crafted plist file...
CVE-2017-6439
Heap-based buffer overflow in the parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service out-of-bounds write via a crafted plist file...
CVE-2017-6436
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation error via a crafted plist file...
CVE-2017-6435
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a crafted plist file...
CVE-2017-6436
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation error via a crafted plist file...
Memory corruption
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a crafted plist file...
CVE-2017-6436
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation error via a crafted plist file...
CVE-2017-6436
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation error via a crafted plist file...
CVE-2017-6435
The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a crafted plist file...
CVE-2017-6435
CVE-2017-6435 affects libimobiledevice libplist 1.12. The parse_string_node function in bplist.c is reported to allow local users to cause a denial of service through a crafted plist file, resulting in memory corruption. The vulnerability is locally exploitable; the description does not specify e...