CVE-2015-10082

CVSS v2.0

5.2

Medium

Vector

AV:A/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions libplist version 1.12

Description A problematic issue has been found in the XML Handler component of libplist, specifically affecting the plist from xml function in the src/xplist.c file. This issue leads to an xml external entity reference.

Recommendations To fix this issue, apply the patch named c086cb139af7c82845f6d565e636073ff4b37440. As a temporary workaround, consider restricting the use of the plist from xml function in the XML Handler component until the patch is applied.

Fix

XXE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-611

Related Identifiers

ALT-PU-2017-1551

CVE-2015-10082

SUSE-SU-2023:0872-1

SUSE-SU-2023_0872-1

Affected Products

Alt Linux

Suse

Libplist

CVE-2015-10082

Weakness Enumeration

Related Identifiers

Affected Products

References · 35