Search CVE reports
1 – 10 of 12 results
CVE-2017-7982
Medium prioritySome fixes available 3 of 5
Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.
1 affected package
libplist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libplist | — | — | — | — | Fixed |
CVE-2017-6440
Low priorityThe parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
1 affected package
libplist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libplist | — | — | — | Not affected | Not affected |
CVE-2017-6439
Low priorityHeap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
1 affected package
libplist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libplist | — | — | — | — | Not affected |
CVE-2017-6438
Low priorityHeap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
1 affected package
libplist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libplist | — | — | — | Not affected | Not affected |
CVE-2017-6437
Negligible priorityThe base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
1 affected package
libplist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libplist | — | — | — | Not affected | Not affected |
CVE-2017-6436
Low priorityThe parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
1 affected package
libplist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libplist | — | — | — | — | Not affected |
CVE-2017-6435
Low priorityThe parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
1 affected package
libplist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libplist | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2017-5836
Low priorityThe plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
1 affected package
libplist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libplist | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2017-5835
Negligible prioritylibplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
1 affected package
libplist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libplist | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2017-5834
Negligible priorityThe parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
1 affected package
libplist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libplist | Not affected | Not affected | Not affected | Not affected | Vulnerable |