3 matches found
CVE-2017-5834
CVE-2017-5834 affects the libplist library. The parse_dict_node function in bplist.c can cause a denial of service via an out-of-bounds heap read/crash when presented with a crafted plist file. Some advisories note upstream fixes in later libplist releases (e.g., 2.0.0+), with distributions like ...
CVE-2017-5835
CVE-2017-5835 is a denial-of-service issue in the libplist library caused by a memory allocation pattern tied to an offset size of zero in plist processing. Public advisories describe it as a memory‑allocation crash vector in libplist’s handling of certain crafted plist inputs. The affected compo...
CVE-2017-5836
CVE-2017-5836 affects libplist (plist_free_data in plist.c). The vulnerability allows a denial-of-service crash via an attack vector where an integer node is treated as a PLIST_KEY, triggering an invalid free. Affected reports (e.g., Red Hat/NASL summaries and EulerOS notes) consistently cite DoS...