Computer Security
[EN] no-pyccku

DescriptionThe resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.
CVSS score7,5
CVSS vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
PhaseASSIGNED (09.10.2015)
ReferencesCONFIRM :
 CERT-VN : VU#602540
 MLIST : [oss-security] 20150505 [CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL
SecurityVulns:libicu security vulnerabilities
 Apple iOS multiple security vulnerabilities
 Apple iTunes multiple security vulnerabilities
 Apple watchOS security vulnerabilities
 Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod