0.003 Low
EPSS
Percentile
70.5%
libplist is vulnerable to denial of service (DoS) via memory allocation error. The vulnerability exists because it is possible to allocate a large amount of memory, caused by having an arbitrarily huge num_objects value when the offset_size is 0.
seclists.org/oss-sec/2017/q1/279
www.openwall.com/lists/oss-security/2017/01/31/6
www.openwall.com/lists/oss-security/2017/02/02/4
www.securityfocus.com/bid/96022
github.com/libimobiledevice/libplist/commit/26061aac4ec75e7a4469a9aab9a424716223e5c4
github.com/libimobiledevice/libplist/issues/88