7 matches found
CVE-2017-5834
CVE-2017-5834 affects the libplist library. The parse_dict_node function in bplist.c can cause a denial of service via an out-of-bounds heap read/crash when presented with a crafted plist file. Some advisories note upstream fixes in later libplist releases (e.g., 2.0.0+), with distributions like ...
CVE-2017-5835
CVE-2017-5835 is a denial-of-service issue in the libplist library caused by a memory allocation pattern tied to an offset size of zero in plist processing. Public advisories describe it as a memory‑allocation crash vector in libplist’s handling of certain crafted plist inputs. The affected compo...
CVE-2017-5836
CVE-2017-5836 affects libplist (plist_free_data in plist.c). The vulnerability allows a denial-of-service crash via an attack vector where an integer node is treated as a PLIST_KEY, triggering an invalid free. Affected reports (e.g., Red Hat/NASL summaries and EulerOS notes) consistently cite DoS...
CVE-2017-7982
CVE-2017-7982 affects libimobiledevice/libplist (plist_from_bin in bplist.c). An integer overflow in plist_from_bin allows a crafted plist file to trigger a heap-based buffer over-read and application crash, enabling a denial of service. Affected: libplist prior to 2017-04-19. CVSS metrics indica...
CVE-2017-5209
CVE-2017-5209 affects libimobiledevice/libplist (base64decode in base64.c) up to at least 1.12, enabling memory information exposure or a buffer over-read. Public advisories from Debian (DLA-2168-1) and multiple Nessus/EulerOS notices show upstream fixes in newer libplist versions (Debian fix in ...
CVE-2017-5545
CVE-2017-5545 affects libplist (libimobiledevice stack) through 1.12. The main function in plistutil.c can leak memory information or cause a denial of service via too-short Apple Property List data. Affected component/file: plistutil.c in libplist; root cause: buffer over-read when processing pl...
CVE-2015-10082
CVE-2015-10082 affects UIKit0 libplist 1.12; the XML handler’s plist_from_xml function in src/xplist.c is vulnerable to an XML External Entity Reference (XXE). The patch is identified by the hash c086cb139af7c82845f6d565e636073ff4b37440. Documented references across multiple advisories (including...