Apple · Libplist · CVE-2017-5209
**Name of the Vulnerable Software and Affected Versions**
libplist versions prior to 1.12
**Description**
The issue allows attackers to obtain sensitive information from process memory or cause a denial of service via a buffer over-read in the base64decode function. This occurs when split encoded Apple Property List data is processed.
**Recommendations**
For versions prior to 1.12, update to version 1.12 or later to resolve the issue.