commit | c086cb139af7c82845f6d565e636073ff4b37440 | |
---|---|---|
author | Martin Szulecki <m.szulecki@libimobiledevice.org> | Fri Jan 23 14:56:59 2015 +0100 |
committer | Martin Szulecki <m.szulecki@libimobiledevice.org> | Fri Jan 23 14:56:59 2015 +0100 |
tree | 3ef0f3c685237cd537e5407eee1b85139cd84359 | |
parent | 82a6acc44759a4b0afb8110d682bc32edc1fd602 | |

xplist: Fix limited but possible XXE security vulnerability with XML plists

By using a specifically crafted XML file an attacker could use plistutil to issue a GET request to an arbitrary URL or disclose a local file. The crafted XML file would be using a custom DTD with an external entity reference pointing to the file. Practical abuse is limited but let's still fix it nevertheless.

Related to CVE-2013-0339 for libxml2 and CWE-827. Reported by Loïc Bénis from calypt.com. Thanks!
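
An added example, not part of the libplist commit (whose diff is not shown on this page): a pre-parse audit using Python's standard-library expat binding that reports external entity declarations and references in an XML plist without resolving any of them. The function names, both sample documents and the placeholder file URL are constructed for illustration.

```python
import xml.parsers.expat

# Constructed sample: ordinary plist with the usual Apple DOCTYPE, no entities.
BENIGN = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0"><dict><key>Name</key><string>demo</string></dict></plist>"""

# Constructed sample: custom DTD declaring an external entity (placeholder URL).
CRAFTED = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist [
  <!ENTITY ext SYSTEM "file:///placeholder/constructed-example">
]>
<plist version="1.0"><dict><key>Name</key><string>&ext;</string></dict></plist>"""


def audit_plist_entities(xml_bytes):
    """Parse without resolving anything and report external entity use.

    Returns (declared, referenced): declared lists (name, system_id, public_id)
    for each external entity in the DTD; referenced lists the system ids the
    document body tries to expand.
    """
    declared, referenced = [], []
    parser = xml.parsers.expat.ParserCreate()

    def on_entity_decl(name, is_param, value, base, system_id, public_id, notation):
        # Internal entities carry a literal value; external ones carry only ids.
        if value is None and (system_id or public_id):
            declared.append((name, system_id, public_id))

    def on_external_ref(context, base, system_id, public_id):
        referenced.append(system_id)
        return 1  # keep parsing; this handler opens and fetches nothing

    parser.EntityDeclHandler = on_entity_decl
    parser.ExternalEntityRefHandler = on_external_ref
    parser.Parse(xml_bytes, True)
    return declared, referenced


def is_safe_plist(xml_bytes):
    """True only if the plist neither declares nor references external entities."""
    declared, referenced = audit_plist_entities(xml_bytes)
    return not declared and not referenced


if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("crafted", CRAFTED)):
        print(label, is_safe_plist(doc), audit_plist_entities(doc))
```

A caller would run `is_safe_plist` on untrusted input and refuse the file before handing it to any XML plist parser that may resolve entities.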