Libplist

CVEs (6)

CVE	Sev	Risk	CVSS	Published	Description
CVE-2017-6438	Hig	0.47	7.3	Mar 15, 2017	Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
CVE-2017-6440	Med	0.33	5.0	Mar 15, 2017	The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
CVE-2017-6439	Med	0.33	5.0	Mar 15, 2017	Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
CVE-2017-6437	Med	0.33	5.0	Mar 15, 2017	The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
CVE-2017-6436	Med	0.33	5.0	Mar 15, 2017	The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
CVE-2017-6435	Med	0.33	5.0	Mar 15, 2017	The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.

CVE-2017-6438HigMar 15, 2017
risk 0.47cvss 7.3epss 0.00
Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
CVE-2017-6440MedMar 15, 2017
risk 0.33cvss 5.0epss 0.00
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
CVE-2017-6439MedMar 15, 2017
risk 0.33cvss 5.0epss 0.00
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
CVE-2017-6437MedMar 15, 2017
risk 0.33cvss 5.0epss 0.00
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
CVE-2017-6436MedMar 15, 2017
risk 0.33cvss 5.0epss 0.00
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
CVE-2017-6435MedMar 15, 2017
risk 0.33cvss 5.0epss 0.00
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.