oss-sec mailing list archives
CVE request: multiples vulnerabilities in libplist
From: <nikola.sc () keemail me>
Date: Tue, 31 Jan 2017 15:09:58 +0100 (CET)
Fixed in libplist, a library to handle Apple Property List format in binary or XML. Debian and Ubuntu are using vulnerable versions.https://github.com/libimobiledevice/libplist Public issues:heap-buffer-overflow in parse_dict_node https://github.com/libimobiledevice/libplist/issues/89 memory allocation errorhttps://github.com/libimobiledevice/libplist/issues/88 heap-buffer-overflow CVE-2017-5545 used in https://github.com/libimobiledevice/libplist/issues/87 issue in plist_free_data plist.c:185 https://github.com/libimobiledevice/libplist/issues/86 Regards, Nikola -- Nikola s.c
Current thread:
- CVE request: multiples vulnerabilities in libplist nikola.sc (Jan 31)
- Re: CVE request: multiples vulnerabilities in libplist cve-assign (Feb 01)