Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libplist vulnerabilities and exploits
(subscribe to this query)
169
VMScore
CVE-2017-6435
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
Libplist Project Libplist 1.12
169
VMScore
CVE-2017-6436
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Libplist Project Libplist 1.12
169
VMScore
CVE-2017-6437
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
Libplist Project Libplist 1.12
392
VMScore
CVE-2017-6438
Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
Libplist Project Libplist 1.12
169
VMScore
CVE-2017-6439
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
Libplist Project Libplist 1.12
169
VMScore
CVE-2017-6440
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Libplist Project Libplist 1.12
445
VMScore
CVE-2017-5836
The plist_free_data function in plist.c in libplist allows malicious users to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
Libimobiledevice Libplist
570
VMScore
CVE-2017-5545
The main function in plistutil.c in libimobiledevice libplist up to and including 1.12 allows malicious users to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
Libimobiledevice Libplist
383
VMScore
CVE-2017-5834
The parse_dict_node function in bplist.c in libplist allows malicious users to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
Libimobiledevice Libplist
445
VMScore
CVE-2017-5835
libplist allows malicious users to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
Libimobiledevice Libplist
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »