Zhunkio

**Name of the Vulnerable Software and Affected Versions** Jerryscript version 1a2c047 **Description** A stack overflow issue was discovered in Jerryscript via the `vm loop` component at `/jerry-core/vm/vm.c`. **Recommendations** For Jerryscript version 1a2c047, consider restricting access to the `vm loop` component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JerryScript version 1.0 **Description** An issue was discovered in the lit read code unit from hex function, which is related to the re parse char class in parser/regexp/re-parser.c. This issue involves a heap-based buffer over-read via a RegExp("[u0") payload. **Recommendations** For JerryScript version 1.0, consider restricting the use of the lit read code unit from hex function and the re parse char class in parser/regexp/re-parser.c until a patch is available. Avoid using the RegExp("[u0") payload in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** JerryScript version 1.0 **Description** An issue was discovered in JerryScript, where a heap-based buffer over-read occurs in the `lit read code unit from utf8` function. This is related to the `re parse char class` function in `re-parser.c` and can be triggered via a RegExp("[u0020") payload. **Recommendations** For JerryScript version 1.0, consider restricting the use of the `lit read code unit from utf8` function until a patch is available. As a temporary workaround, avoid using the RegExp("[u0020") payload in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: JerryScript version 1.0 Description: An issue was discovered in the lit read code unit from hex function in lit/lit-char-helpers.c, which can be exploited via a RegExp("[x0") payload, resulting in a heap-based buffer over-read. Recommendations: For JerryScript version 1.0, consider restricting the use of the lit read code unit from hex function until a patch is available. Avoid using the RegExp("[x0") payload in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libimobiledevice/libplist versions prior to 2017-04-19 **Description** The issue is related to an integer overflow in the `plist from bin` function in `bplist.c`, which allows remote attackers to cause a denial of service, resulting in a heap-based buffer over-read and application crash, via a crafted plist file. **Recommendations** For versions prior to 2017-04-19, update to a version released after 2017-04-19 to resolve the issue. As a temporary workaround, consider restricting the use of crafted plist files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** libplist version 1.12 **Description** The issue is related to a memory allocation error that can cause a denial of service. It is triggered by a crafted plist file, which affects the `parse data node` function in the bplist.c file of libimobiledevice libplist. **Recommendations** For libplist version 1.12, consider avoiding the use of crafted plist files until a patch is available. As a temporary workaround, restrict the processing of untrusted plist files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** libplist version 1.12 **Description** The issue is related to a heap-based buffer overflow in the `parse string node` function in `bplist.c` in libimobiledevice libplist. This can be exploited by local users via a crafted plist file, potentially leading to a denial of service due to an out-of-bounds write. **Recommendations** For libplist version 1.12, consider updating to a newer version that contains a fix for this issue, as using a crafted plist file can cause a denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libplist version 1.12 **Description** The issue allows local users to cause a denial of service, specifically memory corruption, by utilizing a crafted plist file. This is due to a problem in the parse string node function in bplist.c. **Recommendations** For libplist version 1.12, consider updating to a newer version that addresses this issue, as the current version allows for memory corruption via a crafted plist file. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libplist version 1.12 **Description** The issue is related to a memory allocation error that can cause a denial of service. It is triggered by a crafted plist file, which affects the `parse string node` function in the bplist.c file of the libimobiledevice libplist. **Recommendations** For libplist version 1.12, consider avoiding the use of crafted plist files until a patch is available. As a temporary workaround, restrict the processing of untrusted plist files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** libplist version 1.12 **Description** The issue allows local users to cause a denial of service, specifically an out-of-bounds read, by utilizing a crafted plist file. This is due to a problem in the base64encode function located in base64.c. **Recommendations** For libplist version 1.12, consider avoiding the use of the base64encode function until a patch is available. As a temporary workaround, restrict the processing of crafted plist files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** libplist version 1.12 **Description** The issue is related to a heap-based buffer overflow in the `parse unicode node` function in `bplist.c` in libimobiledevice libplist. This can be exploited by local users via a crafted plist file, potentially leading to a denial of service (out-of-bounds write) and possibly code execution. **Recommendations** For libplist version 1.12, consider updating to a newer version that contains a fix for this issue, as using a crafted plist file can lead to a denial of service and potentially code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libplist (affected versions not specified) **Description** The issue allows attackers to cause a denial of service, resulting in large memory allocation and a crash. This can be achieved through vectors involving an offset size of zero. There is no information available about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libplist (affected versions not specified) **Description** The issue allows attackers to cause a denial of service, resulting in an out-of-bounds heap read and crash, via a crafted file. This is due to a problem in the parse dict node function in bplist.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libplist versions prior to 1.12 **Description** The issue allows attackers to obtain sensitive information from process memory or cause a denial of service via Apple Property List data that is too short. This is due to a buffer over-read in the main function in plistutil.c. **Recommendations** For versions prior to 1.12, update to version 1.12 or later to resolve the issue. As a temporary workaround, consider restricting the use of Apple Property List data to minimize the risk of exploitation.