Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-219-1:C7AC1
HistoryMay 14, 2015 - 9:45 a.m.

[SECURITY] [DLA 219-1] icu security update

2015-05-1409:45:27
lists.debian.org
21

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.057 Low

EPSS

Percentile

93.2%

JSON

Package : icu
Version : 4.4.1-8+squeeze3
CVE ID : CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419
CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926
CVE-2014-7940 CVE-2014-9654

Several vulnerabilities were discovered in the International Components
for Unicode (ICU) library:

CVE-2013-1569

Glyph table issue.

CVE-2013-2383

Glyph table issue.

CVE-2013-2384

Font layout issue.

CVE-2013-2419

Font processing issue.

CVE-2014-6585

Out-of-bounds read.

CVE-2014-6591

Additional out-of-bounds reads.

CVE-2014-7923

Memory corruption in regular expression comparison.

CVE-2014-7926

Memory corruption in regular expression comparison.

CVE-2014-7940

Uninitialized memory.

CVE-2014-9654

More regular expression flaws.

For Debian 6 “Squeeze”, these issues have been fixed in icu version
4.4.1-8+squeeze3.
Attachment:
signature.asc
Description: Digital signature

OSVersionArchitecturePackageVersionFilename
Debian7mipsellibicu48-dbg< 4.8.1.1-12+deb7u2libicu48-dbg_4.8.1.1-12+deb7u2_mipsel.deb
Debian6amd64libicu44-dbg< 4.4.1-8+squeeze3libicu44-dbg_4.4.1-8+squeeze3_amd64.deb
Debian7kfreebsd-amd64libicu48< 4.8.1.1-12+deb7u2libicu48_4.8.1.1-12+deb7u2_kfreebsd-amd64.deb
Debian7armellibicu-dev< 4.8.1.1-12+deb7u2libicu-dev_4.8.1.1-12+deb7u2_armel.deb
Debian7allicu< 4.8.1.1-12+deb7u2icu_4.8.1.1-12+deb7u2_all.deb
Debian6allicu-doc< 4.4.1-8+squeeze3icu-doc_4.4.1-8+squeeze3_all.deb
Debian7armhflibicu48-dbg< 4.8.1.1-12+deb7u2libicu48-dbg_4.8.1.1-12+deb7u2_armhf.deb
Debian6i386libicu44< 4.4.1-8+squeeze3libicu44_4.4.1-8+squeeze3_i386.deb
Debian7powerpclibicu48-dbg< 4.8.1.1-12+deb7u2libicu48-dbg_4.8.1.1-12+deb7u2_powerpc.deb
Debian7s390xlibicu48-dbg< 4.8.1.1-12+deb7u2libicu48-dbg_4.8.1.1-12+deb7u2_s390x.deb
Rows per page:
1-10 of 511

Related

nessus 42
openvas 60
debian 2
ubuntu 3
securityvulns 4
osv 2
fedora 16
gentoo 1
mageia 2
cve 10
debiancve 10
prion 10
ubuntucve 10
veracode 6
ibm 5
suse 2
seebug 1
zdt 1
exploitpack 1
zdi 3
redhat 3
packetstorm 1
exploitdb 1
centos 1
amazon 1
oraclelinux 1
nessus
nessus
Ubuntu 12.04 LTS : icu regression (USN-2522-2)
2015-03-09 00:00:00
Ubuntu 14.04 LTS : ICU vulnerabilities (USN-2522-1)
2015-03-06 00:00:00
Ubuntu 12.04 LTS : icu vulnerabilities (USN-2522-3)
2015-03-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2522-1)
2015-03-06 00:00:00
Debian: Security Advisory (DSA-3187-1)
2015-03-14 00:00:00
Debian: Security Advisory (DLA-219-1)
2023-03-08 00:00:00
debian
debian
[SECURITY] [DSA 3187-1] icu security update
2015-03-15 05:02:23
[SECURITY] [DSA 3187-1] icu security update
2015-03-15 05:02:23
ubuntu
ubuntu
ICU vulnerabilities
2015-03-10 00:00:00
ICU regression
2015-03-06 00:00:00
ICU vulnerabilities
2015-03-05 00:00:00
securityvulns
securityvulns
libicu multiple security vulnerabilities
2015-03-07 00:00:00
[USN-2522-1] ICU vulnerabilities
2015-03-07 00:00:00
SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption
2013-04-22 00:00:00
osv
osv
icu - security update
2015-03-15 00:00:00
icu - security update
2015-05-14 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: icu-52.1-6.fc21
2015-04-28 12:58:53
[SECURITY] Fedora 23 Update: icu-54.1-5.fc23
2015-09-24 05:27:12
[SECURITY] Fedora 22 Update: icu-54.1-4.fc22
2015-10-13 17:07:12
gentoo
gentoo
ICU: Multiple Vulnerabilities
2015-03-14 00:00:00
mageia
mageia
Updated icu packages fix security vulnerabilities
2015-01-31 16:23:52
Updated icu packages fix security vulnerability
2015-03-10 19:48:25
cve
cve
CVE-2014-9654
2017-04-24 06:59:00
CVE-2013-2383
2013-04-17 18:55:00
CVE-2013-2384
2013-04-17 18:55:00
debiancve
debiancve
CVE-2014-9654
2017-04-24 06:59:00
CVE-2013-2384
2013-04-17 18:55:00
CVE-2013-2383
2013-04-17 18:55:00
prion
prion
Design/Logic Flaw
2013-04-17 18:55:00
Design/Logic Flaw
2013-04-17 18:55:00
Design/Logic Flaw
2015-01-21 15:28:00
ubuntucve
ubuntucve
CVE-2013-2383
2013-04-17 00:00:00
CVE-2013-2384
2013-04-17 00:00:00
CVE-2014-6585
2015-01-21 00:00:00
veracode
veracode
Information Disclosure
2019-01-15 09:04:21
Information Disclosure
2019-05-02 05:07:16
Improper Access Control
2019-05-02 04:44:36
ibm
ibm
Security Bulletin: TADDM is vulnerable to a denial of service due to vulnerabilities in ICU4J Library
2023-04-26 14:21:56
Security Bulletin: Vulnerability in icu affects IBM Flex System Chassis Management Module (CVE-2014-9654)
2019-01-31 02:25:02
Security Bulletin: A vulnerability in icu affects IBM Flex System Manager (FSM) (CVE-2014-9654)
2018-06-18 01:30:48
suse
suse
Security update for Java 1.4.2 (important)
2013-06-10 18:09:23
Security update for java-1_6_0-openjdk (important)
2013-05-21 20:04:20
seebug
seebug
Java Web Start Launcher ActiveX Control - Memory Corruption
2014-07-01 00:00:00
zdt
zdt
Java Web Start Launcher ActiveX Control - Memory Corruption
2013-04-18 00:00:00
exploitpack
exploitpack
Java Web Start Launcher ActiveX Control - Memory Corruption
2013-04-18 00:00:00
zdi
zdi
Oracle Java GSUB TTF Table LookupCount Remote Code Execution Vulnerability
2013-05-10 00:00:00
Oracle Java mort TTF Table Ligature Substitution Remote Code Execution Vulnerability
2013-05-10 00:00:00
Oracle Java mort TTF Table Remote Code Execution Vulnerability
2013-05-10 00:00:00
redhat
redhat
(RHSA-2013:0855) Important: java-1.5.0-ibm security update
2013-05-22 00:00:00
(RHSA-2013:0770) Important: java-1.6.0-openjdk security update
2013-04-24 00:00:00
(RHSA-2015:0136) Important: java-1.5.0-ibm security update
2015-02-05 00:00:00
packetstorm
packetstorm
Java Web Start Launcher Memory Corruption
2013-04-17 00:00:00
exploitdb
exploitdb
Java Web Start Launcher ActiveX Control - Memory Corruption
2013-04-18 00:00:00
centos
centos
java security update
2013-04-24 20:56:24
amazon
amazon
Important: java-1.6.0-openjdk
2013-04-25 20:40:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2013-04-24 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.057 Low

EPSS

Percentile

93.2%

JSON
Related for DEBIAN:DLA-219-1:C7AC1
nessus42openvas60debian2ubuntu3securityvulns4osv2fedora16gentoo1mageia2cve10debiancve10prion10ubuntucve10veracode6ibm5suse2seebug1zdt1exploitpack1zdi3redhat3packetstorm1exploitdb1centos1amazon1oraclelinux1