AVG-215 log

Package	libplist
Status	Fixed
Severity	High
Type	multiple issues
Affected	1.12-6
Fixed	2.0.0-1
Current	2.6.0-1 [extra]
Ticket	None
Created	Wed Mar 15 16:59:38 2017

Issue	Severity	Remote	Type	Description
CVE-2017-6440	Medium	No	Denial of service	The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a...
CVE-2017-6439	Medium	No	Denial of service	Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service...
CVE-2017-6438	High	No	Arbitrary command execution	Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service...
CVE-2017-6437	Medium	No	Denial of service	The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted...
CVE-2017-6436	Medium	No	Denial of service	The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a...
CVE-2017-6435	Medium	No	Denial of service	The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a...
CVE-2017-5836	High	Yes	Denial of service	The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is...
CVE-2017-5835	High	Yes	Denial of service	libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
CVE-2017-5834	High	No	Denial of service	The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
CVE-2017-5545	Medium	No	Denial of service	The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a...
CVE-2017-5209	High	No	Information disclosure	The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or...

Date	Advisory	Package	Type
16 May 2017	ASA-201705-18	libplist	multiple issues

References
https://github.com/libimobiledevice/libplist/issues/93 https://github.com/libimobiledevice/libplist/issues/94 https://github.com/libimobiledevice/libplist/issues/95 https://github.com/libimobiledevice/libplist/issues/99 https://github.com/libimobiledevice/libplist/issues/98 https://github.com/libimobiledevice/libplist/issues/100 https://github.com/libimobiledevice/libplist/blob/master/NEWS

References

https://github.com/libimobiledevice/libplist/issues/93
https://github.com/libimobiledevice/libplist/issues/94
https://github.com/libimobiledevice/libplist/issues/95
https://github.com/libimobiledevice/libplist/issues/99
https://github.com/libimobiledevice/libplist/issues/98
https://github.com/libimobiledevice/libplist/issues/100
https://github.com/libimobiledevice/libplist/blob/master/NEWS

Notes
Fix is confirmed by: https://github.com/libimobiledevice/libplist/blob/master/NEWS