Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libplist vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2017-6435
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
Libplist Project Libplist 1.12
1.9
CVSSv2
CVE-2017-6436
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Libplist Project Libplist 1.12
4.4
CVSSv2
CVE-2017-6438
Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
Libplist Project Libplist 1.12
1.9
CVSSv2
CVE-2017-6437
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
Libplist Project Libplist 1.12
1.9
CVSSv2
CVE-2017-6439
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
Libplist Project Libplist 1.12
1.9
CVSSv2
CVE-2017-6440
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Libplist Project Libplist 1.12
4.3
CVSSv2
CVE-2017-5834
The parse_dict_node function in bplist.c in libplist allows malicious users to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
Libimobiledevice Libplist
5
CVSSv2
CVE-2017-5835
libplist allows malicious users to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
Libimobiledevice Libplist
5
CVSSv2
CVE-2017-5836
The plist_free_data function in plist.c in libplist allows malicious users to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
Libimobiledevice Libplist
6.4
CVSSv2
CVE-2017-5545
The main function in plistutil.c in libimobiledevice libplist up to and including 1.12 allows malicious users to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
Libimobiledevice Libplist
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »