Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libimobiledevice libplist 1.12 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-10082
A vulnerability classified as problematic has been found in UIKit0 libplist 1.12. This affects the function plist_from_xml of the file src/xplist.c of the component XML Handler. The manipulation leads to xml external entity reference. The patch is named c086cb139af7c82845f6d565e6...
Libimobiledevice Libplist 1.12
6.4
CVSSv2
CVE-2017-5545
The main function in plistutil.c in libimobiledevice libplist up to and including 1.12 allows malicious users to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
Libimobiledevice Libplist
6.4
CVSSv2
CVE-2017-5209
The base64decode function in base64.c in libimobiledevice libplist up to and including 1.12 allows malicious users to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.
Libimobiledevice Libplist
1.9
CVSSv2
CVE-2017-6435
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
Libplist Project Libplist 1.12
1.9
CVSSv2
CVE-2017-6436
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Libplist Project Libplist 1.12
1.9
CVSSv2
CVE-2017-6440
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Libplist Project Libplist 1.12
1.9
CVSSv2
CVE-2017-6439
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
Libplist Project Libplist 1.12
4.4
CVSSv2
CVE-2017-6438
Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
Libplist Project Libplist 1.12
1.9
CVSSv2
CVE-2017-6437
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
Libplist Project Libplist 1.12
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started