AVG-215

Package libplist
Status Fixed
Severity High
Type multiple issues
Affected 1.12-6
Fixed 2.0.0-1
Current 2.0.0+11+gec9ba8b-2 [extra]
Ticket None
Created Wed Mar 15 16:59:38 2017
Issue Severity Remote Type Description
CVE-2017-6440 Medium No Denial of service
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a...
CVE-2017-6439 Medium No Denial of service
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service...
CVE-2017-6438 High No Arbitrary command execution
Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service...
CVE-2017-6437 Medium No Denial of service
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted...
CVE-2017-6436 Medium No Denial of service
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a...
CVE-2017-6435 Medium No Denial of service
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a...
CVE-2017-5836 High Yes Denial of service
The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is...
CVE-2017-5835 High Yes Denial of service
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
CVE-2017-5834 High No Denial of service
The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
CVE-2017-5545 Medium No Denial of service
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a...
CVE-2017-5209 High No Information disclosure
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or...
Date Advisory Package Description
16 May 2017 ASA-201705-18 libplist multiple issues
References
https://github.com/libimobiledevice/libplist/issues/93
https://github.com/libimobiledevice/libplist/issues/94
https://github.com/libimobiledevice/libplist/issues/95
https://github.com/libimobiledevice/libplist/issues/99
https://github.com/libimobiledevice/libplist/issues/98
https://github.com/libimobiledevice/libplist/issues/100
https://github.com/libimobiledevice/libplist/blob/master/NEWS
Notes
Fix is confirmed by: https://github.com/libimobiledevice/libplist/blob/master/NEWS