MidnightBSD

Advisories for libplist_project

CVE-2017-6435 LOW

The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-119,

Products Affected

Vendor Product Version
libplist_project libplist 1.12
CVE-2017-6436 LOW

The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,CWE-119,

Products Affected

Vendor Product Version
libplist_project libplist 1.12
CVE-2017-6437 LOW

The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-125,

Products Affected

Vendor Product Version
libplist_project libplist 1.12
CVE-2017-6438 MEDIUM

Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
libplist_project libplist 1.12
CVE-2017-6439 LOW

Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-787,

Products Affected

Vendor Product Version
libplist_project libplist 1.12
CVE-2017-6440 LOW

The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,CWE-190,CWE-787,

Products Affected

Vendor Product Version
libplist_project libplist 1.12