VYPR

rpm package

suse/libplist&distro=SUSE Linux Enterprise Server 12 SP3

pkg:rpm/suse/libplist&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Vulnerabilities (5)

  • CVE-2017-6439MedMar 15, 2017
    affected < 1.12-20.3.2fixed 1.12-20.3.2

    Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.

  • CVE-2017-6438HigMar 15, 2017
    affected < 1.12-20.3.2fixed 1.12-20.3.2

    Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.

  • CVE-2017-6437MedMar 15, 2017
    affected < 1.12-20.3.2fixed 1.12-20.3.2

    The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.

  • CVE-2017-6436MedMar 15, 2017
    affected < 1.12-20.3.2fixed 1.12-20.3.2

    The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.

  • CVE-2017-6435MedMar 15, 2017
    affected < 1.12-20.3.2fixed 1.12-20.3.2

    The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.