libplist 'parse_unicode_node()' Function Local Heap Buffer Overflow Vulnerability

libplist is prone to a local heap-based buffer overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer.

A local attacker can leverage this issue to execute arbitrary code in the context of affected application. Failed attempts may lead to denial-of-service conditions.

libplist 1.12 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus