6 matches found
CVE-2017-6436
CVE-2017-6436 affects libplist (libimobiledevice/libplist 1.12). The vulnerability resides in the parse_string_node function in bplist.c and can be triggered by a crafted plist file to cause a denial of service via a memory allocation error, via local access. Impact is DoS on affected systems; ex...
CVE-2017-6435
CVE-2017-6435 affects libimobiledevice libplist 1.12. The parse_string_node function in bplist.c is reported to allow local users to cause a denial of service through a crafted plist file, resulting in memory corruption. The vulnerability is locally exploitable; the description does not specify e...
CVE-2017-6437
The CVE-2017-6437 entry concerns the base64encode function in base64.c of libimobiledevice libplist 1.12. Connected sources confirm this component/library combination and describe the vulnerability as a local-denial-of-service condition caused by an out-of-bounds read when processing a crafted pl...
CVE-2017-6439
CVE-2017-6439 is a heap-based buffer overflow in the parse_string_node function of libimobiledevice/libplist 1.12. It allows local users to cause a denial of service via a crafted plist file (out-of-bounds write). Affected software: libimobiledevice/libplist (version 1.12). Connected sources conf...
CVE-2017-6438
CVE-2017-6438 affects libplist (libimobiledevice/libplist) 1.12, via a heap-based buffer overflow in parse_unicode_node() in bplist.c that can cause a denial of service and potentially code execution with a crafted plist. A patch/update is available from upstream/maintainers (refs in Red Hat Mage...
CVE-2017-6440
The CVE-2017-6440 entry concerns libimobiledevice libplist 1.12. The vulnerable component is the parse_data_node function in bplist.c, where crafted plist files can trigger a memory allocation error, allowing local users to cause a denial of service. The linked OpenVAS/Nessus entries corroborate ...