ID CVE-2017-6437
Summary The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
References
Vulnerable Configurations
  • cpe:2.3:a:libplist_project:libplist:1.12
    cpe:2.3:a:libplist_project:libplist:1.12
CVSS
Base: 1.9 (as of 15-03-2017 - 23:18)
Impact:
Exploitability:
CWE CWE-125
CAPEC
  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-953.NASL
    description This update for libplist fixes the following issues : Security issues fixed : - CVE-2017-6439: Heap-based buffer overflow in the parse_string_node function. (bsc#1029638) - CVE-2017-6438: Heap-based buffer overflow in the parse_unicode_node function. (bsc#1029706) - CVE-2017-6437: The base64encode function in base64.c allows local users to cause denial of service (out-of-bounds read) via a crafted plist file. (bsc#1029707) - CVE-2017-6436: Integer overflow in parse_string_node. (bsc#1029751) - CVE-2017-6435: Crafted plist file could lead to Heap-buffer overflow. (bsc#1029639) This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen 2019-02-21
    modified 2018-01-26
    plugin id 102568
    published 2017-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102568
    title openSUSE Security Update : libplist (openSUSE-2017-953)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-D8173AACFF.NASL
    description - Update to upstream 2.0.0 - Fixes the following CVEs plus others - CVE-2017-6440 CVE-2017-6439 CVE-2017-6438 CVE-2017-6437 CVE-2017-6436 CVE-2017-6435 CVE-2017-5836 CVE-2017-5835 CVE-2017-5834 CVE-2017-5545 CVE-2017-5209 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-07-17
    plugin id 101732
    published 2017-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101732
    title Fedora 26 : libplist (2017-d8173aacff)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2017-320-01.NASL
    description New libplist packages are available for Slackware 14.2 and -current to fix security issues.
    last seen 2019-02-21
    modified 2017-11-17
    plugin id 104641
    published 2017-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=104641
    title Slackware 14.2 / current : libplist (SSA:2017-320-01)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-3849AF4477.NASL
    description Version 2.0.0 Changes : - New light-weight custom XML parser - Remove libxml2 dependency - Refactor binary plist parsing - Improved malformed XML and binary plist detection and error handling - Add parser debug/error output (when compiled with --enable-debug), controlled via environment variables - Fix unicode character handling - Add PLIST_IS_* helper macros for the different node types - Extend date/time range and date conversion issues - Add plist_is_binary() and plist_from_memory() functions to the interface - Plug several memory leaks - Speed improvements for handling large plist files Includes security fixes for : - CVE-2017-6440 - CVE-2017-6439 - CVE-2017-6438 - CVE-2017-6437 - CVE-2017-6436 - CVE-2017-6435 - CVE-2017-5836 - CVE-2017-5835 - CVE-2017-5834 - CVE-2017-5545 - CVE-2017-5209 ... and several others that didn't receive any CVE (yet). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-05-16
    plugin id 100187
    published 2017-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100187
    title Fedora 24 : libplist (2017-3849af4477)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-4047180CD3.NASL
    description Version 2.0.0 Changes : - New light-weight custom XML parser - Remove libxml2 dependency - Refactor binary plist parsing - Improved malformed XML and binary plist detection and error handling - Add parser debug/error output (when compiled with --enable-debug), controlled via environment variables - Fix unicode character handling - Add PLIST_IS_* helper macros for the different node types - Extend date/time range and date conversion issues - Add plist_is_binary() and plist_from_memory() functions to the interface - Plug several memory leaks - Speed improvements for handling large plist files Includes security fixes for : - CVE-2017-6440 - CVE-2017-6439 - CVE-2017-6438 - CVE-2017-6437 - CVE-2017-6436 - CVE-2017-6435 - CVE-2017-5836 - CVE-2017-5835 - CVE-2017-5834 - CVE-2017-5545 - CVE-2017-5209 ... and several others that didn't receive any CVE (yet). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-05-16
    plugin id 100188
    published 2017-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100188
    title Fedora 25 : libplist (2017-4047180cd3)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-2201-1.NASL
    description This update for libplist fixes the following issues: Security issues fixed : - CVE-2017-6439: Heap-based buffer overflow in the parse_string_node function. (bsc#1029638) - CVE-2017-6438: Heap-based buffer overflow in the parse_unicode_node function. (bsc#1029706) - CVE-2017-6437: The base64encode function in base64.c allows local users to cause denial of service (out-of-bounds read) via a crafted plist file. (bsc#1029707) - CVE-2017-6436: Integer overflow in parse_string_node. (bsc#1029751) - CVE-2017-6435: Crafted plist file could lead to Heap-buffer overflow. (bsc#1029639) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 102578
    published 2017-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102578
    title SUSE SLED12 / SLES12 Security Update : libplist (SUSE-SU-2017:2201-1)
refmap via4
bid 97291
misc https://github.com/libimobiledevice/libplist/issues/100
Last major update 03-04-2017 - 21:59
Published 15-03-2017 - 10:59
Back to Top