Heap-based Buffer Overflow in libplist's parse_string_node Function Allows Denial of Service

Heap-based Buffer Overflow in libplist's parse_string_node Function Allows Denial of Service

CVE-2017-6439 · LOW Severity

AV:L/AC:M/AU:N/C:N/I:N/A:P

Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.

Learn more about our Mobile App Penetration Testing.