Lucene search
K
Libplist ProjectLibplist

6 matches found

CVE
CVE
added 2017/03/15 2:0 p.m.80 views

CVE-2017-6436

CVE-2017-6436 affects libplist (libimobiledevice/libplist 1.12). The vulnerability resides in the parse_string_node function in bplist.c and can be triggered by a crafted plist file to cause a denial of service via a memory allocation error, via local access. Impact is DoS on affected systems; ex...

5CVSS6AI score0.00507EPSS
CVE
CVE
added 2017/03/15 2:0 p.m.79 views

CVE-2017-6435

CVE-2017-6435 affects libimobiledevice libplist 1.12. The parse_string_node function in bplist.c is reported to allow local users to cause a denial of service through a crafted plist file, resulting in memory corruption. The vulnerability is locally exploitable; the description does not specify e...

5CVSS6AI score0.00527EPSS
CVE
CVE
added 2017/03/15 2:0 p.m.76 views

CVE-2017-6437

The CVE-2017-6437 entry concerns the base64encode function in base64.c of libimobiledevice libplist 1.12. Connected sources confirm this component/library combination and describe the vulnerability as a local-denial-of-service condition caused by an out-of-bounds read when processing a crafted pl...

5CVSS6AI score0.00426EPSS
CVE
CVE
added 2017/03/15 2:0 p.m.75 views

CVE-2017-6439

CVE-2017-6439 is a heap-based buffer overflow in the parse_string_node function of libimobiledevice/libplist 1.12. It allows local users to cause a denial of service via a crafted plist file (out-of-bounds write). Affected software: libimobiledevice/libplist (version 1.12). Connected sources conf...

5CVSS6.3AI score0.00532EPSS
CVE
CVE
added 2017/03/15 2:0 p.m.72 views

CVE-2017-6438

CVE-2017-6438 affects libplist (libimobiledevice/libplist) 1.12, via a heap-based buffer overflow in parse_unicode_node() in bplist.c that can cause a denial of service and potentially code execution with a crafted plist. A patch/update is available from upstream/maintainers (refs in Red Hat Mage...

7.3CVSS7.9AI score0.0065EPSS
CVE
CVE
added 2017/03/15 2:0 p.m.65 views

CVE-2017-6440

The CVE-2017-6440 entry concerns libimobiledevice libplist 1.12. The vulnerable component is the parse_data_node function in bplist.c, where crafted plist files can trigger a memory allocation error, allowing local users to cause a denial of service. The linked OpenVAS/Nessus entries corroborate ...

5CVSS6AI score0.00422EPSS