CVE-2017-5209

CRITICAL9.1EPSS 0.20%

libplist - security update

發布日:2017/1/11修改日:2026/4/28

描述

The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.

受影響套件(3)

Debian/libplistfrom 0, < 1.12+git+1+e37ca00-0.1
Debian/libplistfrom 0, < 1.11-3+deb8u1
Debian/libplistfrom 0, < 1.8-1+deb7u1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	CRITICAL9.1	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2017-5209