Vulnerabilities > Libimobiledevice > Libplist > 1.10

DATE CVE VULNERABILITY TITLE RISK
2017-04-20 CVE-2017-7982 Integer Overflow or Wraparound vulnerability in Libimobiledevice Libplist
Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.
local
low complexity
libimobiledevice CWE-190
5.5
2017-01-21 CVE-2017-5545 Out-of-bounds Read vulnerability in Libimobiledevice Libplist
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
network
low complexity
libimobiledevice CWE-125
critical
9.1
2017-01-11 CVE-2017-5209 Out-of-bounds Read vulnerability in Libimobiledevice Libplist
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.
network
low complexity
libimobiledevice CWE-125
critical
9.1