Computer Security
[EN] securityvulns.ru no-pyccku


libicu multibyte character sequences invalid parsing.
Published:18.09.2009
Source:
SecurityVulns ID:10248
Type:library
Threat Level:
5/10
Affected:ICU : libicu 3.8
CVE:CVE-2009-0153 (International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1889-1] New icu packages correct multibyte sequence parsing (18.09.2009)

Multiple BSD and Linux systems strfmon() libc / glibc function integer overflow
updated since 27.03.2008
Published:18.09.2009
Source:
SecurityVulns ID:8843
Type:library
Threat Level:
7/10
Description:Integer overflow on format specificator in strfmon(). NULL pointer dereference in printf().
Affected:GNU : glibc 2.10
CVE:CVE-2008-1391
Original documentdocumentMaksymilian Arciemowicz, SecurityReason: glibc x<=2.10.1 stdio/strfmon.c Multiple vulnerabilities (18.09.2009)
 documentChristos Zoulas, Re: [securityreason] *BSD libc (strfmon) Multiple vulnerabilities (28.03.2008)
 documentMaksymilian Arciemowicz, [securityreason] *BSD libc (strfmon) Multiple vulnerabilities (27.03.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod