Heap-based Buffer Overflow in libplist's parse_unicode_node Function

CVE-2017-6438 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.

Learn more about our Mobile App Penetration Testing.