VYPR

rpm package

suse/icu&distro=SUSE Linux Enterprise Software Development Kit 11 SP4

pkg:rpm/suse/icu&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Vulnerabilities (8)

  • CVE-2017-15422MedAug 28, 2018
    affected < 4.0-47.6.1fixed 4.0-47.6.1

    Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

  • CVE-2017-17484CriDec 10, 2017
    affected < 4.0-47.6.1fixed 4.0-47.6.1

    The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service (stack-based buffer overflow and applicatio

  • CVE-2017-14952CriOct 16, 2017
    affected < 4.0-47.6.1fixed 4.0-47.6.1

    Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.

  • CVE-2014-9654CriApr 24, 2017
    affected < 4.0-7.30.2fixed 4.0-7.30.2

    The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cau

  • CVE-2017-7868HigApr 14, 2017
    affected < 4.0-47.6.1fixed 4.0-47.6.1

    International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.

  • CVE-2017-7867HigApr 14, 2017
    affected < 4.0-47.6.1fixed 4.0-47.6.1

    International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.

  • CVE-2014-9911CriJan 4, 2017
    affected < 4.0-47.3.2fixed 4.0-47.3.2

    Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDi

  • CVE-2016-6293CriJul 25, 2016
    affected < 4.0-47.6.1fixed 4.0-47.6.1

    The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out