5
CVSSv3

CVE-2017-6440

Published: 15/03/2017 Updated: 03/10/2019
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
CVSS v3 Base Score: 5 | Impact Score: 3.6 | Exploitability Score: 1.3
VMScore: 169
Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.

Vulnerable Product Search on Vulmon Subscribe to Product

libplist project libplist 1.12

Vendor Advisories

Debian Bug report logs - #858055 libplist: CVE-2017-6440: Memory allocation error in parse_data_node Package: src:libplist; Maintainer for src:libplist is gtkpod Maintainers <pkg-gtkpod-devel@alioth-listsdebiannet>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 17 Mar 2017 19:33:05 UTC Severity: ...
Debian Bug report logs - #858787 libplist: CVE-2017-6437 Package: src:libplist; Maintainer for src:libplist is gtkpod Maintainers <pkg-gtkpod-devel@alioth-listsdebiannet>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 26 Mar 2017 19:39:04 UTC Severity: important Tags: fixed-upstream, patch Found ...
Debian Bug report logs - #860945 libplist: CVE-2017-7982: denial of service (heap-based buffer over-read and application crash) via a crafted plist file Package: src:libplist; Maintainer for src:libplist is gtkpod Maintainers <pkg-gtkpod-devel@alioth-listsdebiannet>; Reported by: Salvatore Bonaccorso <carnil@debianorg&g ...
Debian Bug report logs - #858786 libplist: CVE-2017-6438 Package: src:libplist; Maintainer for src:libplist is gtkpod Maintainers <pkg-gtkpod-devel@alioth-listsdebiannet>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 26 Mar 2017 19:39:01 UTC Severity: important Tags: fixed-upstream, patch, secur ...
The parse_data_node function in bplistc in libimobiledevice libplist 112 allows local users to cause a denial of service (memory allocation error) via a crafted plist file ...
The parse_data_node function in bplistc in libimobiledevice libplist 112 allows local users to cause a denial of service (memory allocation error) via a crafted plist file ...