Search Results | AttackerKB

Show filters

Topics 13 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

13 Total Results

Displaying 1-10 of 13

Attacker Value

Unknown

CVE-2015-10082

Disclosure Date: February 21, 2023 (last updated October 20, 2023)

A vulnerability classified as problematic has been found in UIKit0 libplist 1.12. This affects the function plist_from_xml of the file src/xplist.c of the component XML Handler. The manipulation leads to xml external entity reference. The patch is named c086cb139af7c82845f6d565e636073ff4b37440. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-221499.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2017-7982

Disclosure Date: April 20, 2017 (last updated November 26, 2024)

Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.

0

Attacker Value

Unknown

CVE-2017-6439

Disclosure Date: March 15, 2017 (last updated November 26, 2024)

Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.

0

Attacker Value

Unknown

CVE-2017-6437

Disclosure Date: March 15, 2017 (last updated November 26, 2024)

The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.

0

Attacker Value

Unknown

CVE-2017-6440

Disclosure Date: March 15, 2017 (last updated November 26, 2024)

The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.

0

Attacker Value

Unknown

CVE-2017-6438

Disclosure Date: March 15, 2017 (last updated November 26, 2024)

Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.

0

Attacker Value

Unknown

CVE-2017-6435

Disclosure Date: March 15, 2017 (last updated November 26, 2024)

The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.

0

Attacker Value

Unknown

CVE-2017-6436

Disclosure Date: March 15, 2017 (last updated November 26, 2024)

The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.

0

Attacker Value

Unknown

CVE-2017-5835

Disclosure Date: March 03, 2017 (last updated November 26, 2024)

libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.

0

Attacker Value

Unknown

CVE-2017-5834

Disclosure Date: March 03, 2017 (last updated November 26, 2024)

The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.

0