Denial Of Service (DoS)

2017-03-2006:27:10

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

libplist is susceptible to denial of service (DOS) attacks. The vulnerability exists because the base64encode function in ‘base64.c’ does not handle out-of-bounds reads and causes a memory error, allowing a DoS attack via plif file locally.

CPENameOperatorVersion
libplistle1.11

CPE	Name	Operator	Version
	libplist	le	1.11

References

bugzilla.redhat.com/show_bug.cgi?id=1432971

github.com/libimobiledevice/libplist/issues/100

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for VERACODE:3688