Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3187-1:97BB3
HistoryMar 15, 2015 - 5:02 a.m.

[SECURITY] [DSA 3187-1] icu security update

2015-03-1505:02:23
lists.debian.org
12

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.057 Low

EPSS

Percentile

93.2%

JSON

Debian Security Advisory DSA-3187-1 [email protected]
http://www.debian.org/security/ Michael Gilbert
March 15, 2015 http://www.debian.org/security/faq

Package : icu
CVE ID : CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419
CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926
CVE-2014-7940 CVE-2014-9654
Debian Bug : 775884 776264 776265 776719

Several vulnerabilities were discovered in the International Components
for Unicode (ICU) library.

CVE-2013-1569

Glyph table issue.

CVE-2013-2383

Glyph table issue.

CVE-2013-2384

Font layout issue.

CVE-2013-2419

Font processing issue.

CVE-2014-6585

Out-of-bounds read.

CVE-2014-6591

Additional out-of-bounds reads.

CVE-2014-7923

Memory corruption in regular expression comparison.

CVE-2014-7926

Memory corruption in regular expression comparison.

CVE-2014-7940

Uninitialized memory.

CVE-2014-9654

More regular expression flaws.

For the stable distribution (wheezy), these problems have been fixed in
version 4.8.1.1-12+deb7u2.

For the upcoming stable (jessie) and unstable (sid) distributions, these
problems have been fixed in version 52.1-7.1.

We recommend that you upgrade your icu packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7armellibicu48-dbg< 4.8.1.1-12+deb7u2libicu48-dbg_4.8.1.1-12+deb7u2_armel.deb
Debian7mipslibicu-dev< 4.8.1.1-12+deb7u2libicu-dev_4.8.1.1-12+deb7u2_mips.deb
Debian7mipslibicu48-dbg< 4.8.1.1-12+deb7u2libicu48-dbg_4.8.1.1-12+deb7u2_mips.deb
Debian7i386libicu48< 4.8.1.1-12+deb7u2libicu48_4.8.1.1-12+deb7u2_i386.deb
Debian7s390libicu-dev< 4.8.1.1-12+deb7u2libicu-dev_4.8.1.1-12+deb7u2_s390.deb
Debian7kfreebsd-i386libicu48< 4.8.1.1-12+deb7u2libicu48_4.8.1.1-12+deb7u2_kfreebsd-i386.deb
Debian7powerpclibicu48< 4.8.1.1-12+deb7u2libicu48_4.8.1.1-12+deb7u2_powerpc.deb
Debian7kfreebsd-amd64libicu-dev< 4.8.1.1-12+deb7u2libicu-dev_4.8.1.1-12+deb7u2_kfreebsd-amd64.deb
Debian7mipsellibicu48-dbg< 4.8.1.1-12+deb7u2libicu48-dbg_4.8.1.1-12+deb7u2_mipsel.deb
Debian7amd64libicu-dev< 4.8.1.1-12+deb7u2libicu-dev_4.8.1.1-12+deb7u2_amd64.deb
Rows per page:
1-10 of 511

Related

nessus 43
securityvulns 4
ubuntu 4
debian 2
openvas 58
osv 2
fedora 16
gentoo 1
mageia 2
cve 10
debiancve 10
prion 10
ubuntucve 10
veracode 6
ibm 5
suse 2
exploitpack 1
seebug 1
zdt 1
zdi 3
redhat 3
packetstorm 1
exploitdb 1
centos 1
amazon 1
oraclelinux 1
nessus
nessus
Ubuntu 12.04 LTS : icu vulnerabilities (USN-2522-3)
2015-03-11 00:00:00
Debian DLA-219-1 : icu security update
2015-05-15 00:00:00
Debian DSA-3187-1 : icu - security update
2015-03-17 00:00:00
securityvulns
securityvulns
[USN-2522-1] ICU vulnerabilities
2015-03-07 00:00:00
libicu multiple security vulnerabilities
2015-03-07 00:00:00
SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption
2013-04-22 00:00:00
ubuntu
ubuntu
ICU regression
2015-03-06 00:00:00
ICU vulnerabilities
2015-03-05 00:00:00
ICU vulnerabilities
2015-03-10 00:00:00
debian
debian
[SECURITY] [DLA 219-1] icu security update
2015-05-14 09:45:27
[SECURITY] [DSA 3187-1] icu security update
2015-03-15 05:02:23
openvas
openvas
Ubuntu: Security Advisory (USN-2522-2)
2015-03-07 00:00:00
Ubuntu: Security Advisory (USN-2522-3)
2015-03-11 00:00:00
Debian Security Advisory DSA 3187-1 (icu - security update)
2015-03-15 00:00:00
osv
osv
icu - security update
2015-03-15 00:00:00
icu - security update
2015-05-14 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: icu-52.1-6.fc21
2015-04-28 12:58:53
[SECURITY] Fedora 23 Update: icu-54.1-5.fc23
2015-09-24 05:27:12
[SECURITY] Fedora 22 Update: icu-54.1-4.fc22
2015-10-13 17:07:12
gentoo
gentoo
ICU: Multiple Vulnerabilities
2015-03-14 00:00:00
mageia
mageia
Updated icu packages fix security vulnerabilities
2015-01-31 16:23:52
Updated icu packages fix security vulnerability
2015-03-10 19:48:25
cve
cve
CVE-2014-9654
2017-04-24 06:59:00
CVE-2013-2383
2013-04-17 18:55:00
CVE-2013-2384
2013-04-17 18:55:00
debiancve
debiancve
CVE-2014-9654
2017-04-24 06:59:00
CVE-2013-2383
2013-04-17 18:55:00
CVE-2013-2384
2013-04-17 18:55:00
prion
prion
Memory corruption
2017-04-24 06:59:00
Design/Logic Flaw
2013-04-17 18:55:00
Design/Logic Flaw
2015-01-21 15:28:00
ubuntucve
ubuntucve
CVE-2014-9654
2015-02-05 00:00:00
CVE-2013-2384
2013-04-17 00:00:00
CVE-2013-2383
2013-04-17 00:00:00
veracode
veracode
Information Disclosure
2019-01-15 09:04:21
Information Disclosure
2019-05-02 05:07:16
Improper Access Control
2019-05-02 04:44:36
ibm
ibm
Security Bulletin: TADDM is vulnerable to a denial of service due to vulnerabilities in ICU4J Library
2023-04-26 14:21:56
Security Bulletin: Vulnerability in icu affects IBM Flex System Chassis Management Module (CVE-2014-9654)
2019-01-31 02:25:02
Security Bulletin: A vulnerability in icu affects IBM Flex System Manager (FSM) (CVE-2014-9654)
2018-06-18 01:30:48
suse
suse
Security update for Java 1.4.2 (important)
2013-06-10 18:09:23
Security update for java-1_6_0-openjdk (important)
2013-05-21 20:04:20
exploitpack
exploitpack
Java Web Start Launcher ActiveX Control - Memory Corruption
2013-04-18 00:00:00
seebug
seebug
Java Web Start Launcher ActiveX Control - Memory Corruption
2014-07-01 00:00:00
zdt
zdt
Java Web Start Launcher ActiveX Control - Memory Corruption
2013-04-18 00:00:00
zdi
zdi
Oracle Java GSUB TTF Table LookupCount Remote Code Execution Vulnerability
2013-05-10 00:00:00
Oracle Java mort TTF Table Remote Code Execution Vulnerability
2013-05-10 00:00:00
Oracle Java mort TTF Table Ligature Substitution Remote Code Execution Vulnerability
2013-05-10 00:00:00
redhat
redhat
(RHSA-2013:0855) Important: java-1.5.0-ibm security update
2013-05-22 00:00:00
(RHSA-2015:0136) Important: java-1.5.0-ibm security update
2015-02-05 00:00:00
(RHSA-2013:0770) Important: java-1.6.0-openjdk security update
2013-04-24 00:00:00
packetstorm
packetstorm
Java Web Start Launcher Memory Corruption
2013-04-17 00:00:00
exploitdb
exploitdb
Java Web Start Launcher ActiveX Control - Memory Corruption
2013-04-18 00:00:00
centos
centos
java security update
2013-04-24 20:56:24
amazon
amazon
Important: java-1.6.0-openjdk
2013-04-25 20:40:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2013-04-24 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.057 Low

EPSS

Percentile

93.2%

JSON
Related for DEBIAN:DSA-3187-1:97BB3
nessus43securityvulns4ubuntu4debian2openvas58osv2fedora16gentoo1mageia2cve10debiancve10prion10ubuntucve10veracode6ibm5suse2exploitpack1seebug1zdt1zdi3redhat3packetstorm1exploitdb1centos1amazon1oraclelinux1