Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libplist vulnerabilities and exploits
(subscribe to this query)
5
CVSSv3
CVE-2017-6435
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
Libplist Project Libplist 1.12
5
CVSSv3
CVE-2017-6436
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Libplist Project Libplist 1.12
7.3
CVSSv3
CVE-2017-6438
Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
Libplist Project Libplist 1.12
5
CVSSv3
CVE-2017-6437
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
Libplist Project Libplist 1.12
5
CVSSv3
CVE-2017-6439
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
Libplist Project Libplist 1.12
5
CVSSv3
CVE-2017-6440
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Libplist Project Libplist 1.12
5.5
CVSSv3
CVE-2017-5834
The parse_dict_node function in bplist.c in libplist allows malicious users to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
Libimobiledevice Libplist
7.5
CVSSv3
CVE-2017-5835
libplist allows malicious users to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
Libimobiledevice Libplist
7.5
CVSSv3
CVE-2017-5836
The plist_free_data function in plist.c in libplist allows malicious users to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
Libimobiledevice Libplist
9.1
CVSSv3
CVE-2017-5545
The main function in plistutil.c in libimobiledevice libplist up to and including 1.12 allows malicious users to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
Libimobiledevice Libplist
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »