Lucene search
K
LibimobiledeviceLibplist

7 matches found

CVE
CVE
added 2017/03/03 3:0 p.m.209 views

CVE-2017-5834

CVE-2017-5834 affects the libplist library. The parse_dict_node function in bplist.c can cause a denial of service via an out-of-bounds heap read/crash when presented with a crafted plist file. Some advisories note upstream fixes in later libplist releases (e.g., 2.0.0+), with distributions like ...

5.5CVSS6.4AI score0.01297EPSS
CVE
CVE
added 2017/03/03 3:0 p.m.196 views

CVE-2017-5835

CVE-2017-5835 is a denial-of-service issue in the libplist library caused by a memory allocation pattern tied to an offset size of zero in plist processing. Public advisories describe it as a memory‑allocation crash vector in libplist’s handling of certain crafted plist inputs. The affected compo...

7.5CVSS7.8AI score0.02926EPSS
CVE
CVE
added 2017/03/03 3:0 p.m.176 views

CVE-2017-5836

CVE-2017-5836 affects libplist (plist_free_data in plist.c). The vulnerability allows a denial-of-service crash via an attack vector where an integer node is treated as a PLIST_KEY, triggering an invalid free. Affected reports (e.g., Red Hat/NASL summaries and EulerOS notes) consistently cite DoS...

7.5CVSS7.7AI score0.02657EPSS
CVE
CVE
added 2017/04/20 2:0 p.m.145 views

CVE-2017-7982

CVE-2017-7982 affects libimobiledevice/libplist (plist_from_bin in bplist.c). An integer overflow in plist_from_bin allows a crafted plist file to trigger a heap-based buffer over-read and application crash, enabling a denial of service. Affected: libplist prior to 2017-04-19. CVSS metrics indica...

5.5CVSS6.7AI score0.01461EPSS
CVE
CVE
added 2017/01/11 4:0 p.m.92 views

CVE-2017-5209

CVE-2017-5209 affects libimobiledevice/libplist (base64decode in base64.c) up to at least 1.12, enabling memory information exposure or a buffer over-read. Public advisories from Debian (DLA-2168-1) and multiple Nessus/EulerOS notices show upstream fixes in newer libplist versions (Debian fix in ...

9.1CVSS8.2AI score0.02851EPSS
CVE
CVE
added 2017/01/21 1:0 a.m.81 views

CVE-2017-5545

CVE-2017-5545 affects libplist (libimobiledevice stack) through 1.12. The main function in plistutil.c can leak memory information or cause a denial of service via too-short Apple Property List data. Affected component/file: plistutil.c in libplist; root cause: buffer over-read when processing pl...

9.1CVSS8.2AI score0.03768EPSS
CVE
CVE
added 2023/02/21 7:0 a.m.71 views

CVE-2015-10082

CVE-2015-10082 affects UIKit0 libplist 1.12; the XML handler’s plist_from_xml function in src/xplist.c is vulnerable to an XML External Entity Reference (XXE). The patch is identified by the hash c086cb139af7c82845f6d565e636073ff4b37440. Documented references across multiple advisories (including...

9.8CVSS7.4AI score0.00723EPSS