diff options
| author | 2015-01-23 14:56:59 +0100 | |
|---|---|---|
| committer | 2015-01-23 14:56:59 +0100 | |
| commit | c086cb139af7c82845f6d565e636073ff4b37440 (patch) | |
| tree | 3ef0f3c685237cd537e5407eee1b85139cd84359 /test/emptycmp.test | |
| parent | 82a6acc44759a4b0afb8110d682bc32edc1fd602 (diff) | |
| download | libplist-c086cb139af7c82845f6d565e636073ff4b37440.tar.gz libplist-c086cb139af7c82845f6d565e636073ff4b37440.tar.bz2 | |
xplist: Fix limited but possible XXE security vulnerability with XML plists
By using a specifically crafted XML file an attacker could use plistutil
to issue a GET request to an arbitrary URL or disclose a local file.
The crafted XML file would be using a custom DTD with an external entity
reference pointing to the file. Practical abuse is limited but let's still
fix it nevertheless. Related to CVE-2013-0339 for libxml2 and CWE-827.
Reported by Loïc Bénis from calypt.com. Thanks!
Diffstat (limited to 'test/emptycmp.test')
0 files changed, 0 insertions, 0 deletions
