VYPR

rpm package

suse/icu&distro=SUSE Linux Enterprise Server 12-LTSS

pkg:rpm/suse/icu&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Vulnerabilities (8)

  • CVE-2017-15422MedAug 28, 2018
    affected < 52.1-8.7.1fixed 52.1-8.7.1

    Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

  • CVE-2017-17484CriDec 10, 2017
    affected < 52.1-8.7.1fixed 52.1-8.7.1

    The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service (stack-based buffer overflow and applicatio

  • CVE-2017-14952CriOct 16, 2017
    affected < 52.1-8.7.1fixed 52.1-8.7.1

    Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.

  • CVE-2017-7868HigApr 14, 2017
    affected < 52.1-8.7.1fixed 52.1-8.7.1

    International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.

  • CVE-2017-7867HigApr 14, 2017
    affected < 52.1-8.7.1fixed 52.1-8.7.1

    International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.

  • CVE-2016-6293CriJul 25, 2016
    affected < 52.1-8.7.1fixed 52.1-8.7.1

    The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out

  • CVE-2014-8147May 25, 2015
    affected < 52.1-8.7.1fixed 52.1-8.7.1

    The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause

  • CVE-2014-8146May 25, 2015
    affected < 52.1-8.7.1fixed 52.1-8.7.1

    The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a de