[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE request: multiples vulnerabilities in libplist
From: <nikola.sc () keemail ! me>
Date: 2017-01-31 14:09:58
Message-ID: Kbor4aA--3-0 () keemail ! me
[Download RAW message or body]
Fixed in libplist, a library to handle Apple Property List format in binary=
or XML.=C2=A0Debian and Ubuntu are using vulnerable versions.https://githu=
b.com/libimobiledevice/libplist
Public issues:heap-buffer-overflow in parse_dict_node
https://github.com/libimobiledevice/libplist/issues/89
memory allocation errorhttps://github.com/libimobiledevice/libplist/issues/=
88
heap-buffer-overflow=C2=A0CVE-2017-5545 used in
https://github.com/libimobiledevice/libplist/issues/87
issue in plist_free_data plist.c:185
https://github.com/libimobiledevice/libplist/issues/86
Regards, Nikola
--
Nikola s.c
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic