VYPR
Critical severity9.8NVD Advisory· Published Jul 25, 2016· Updated Jun 17, 2026

CVE-2016-6293

CVE-2016-6293

Description

The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

18

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.