International Components for Unicode (ICU) is a library for handling Unicode strings. A C version, ICU4C and a Java version, ICU4J are available. Multiple products that use ICU4C contain a use-after-free vulnerability.
ICU released ICU4C version 52.1 that addresses this vulnerability on October 9, 2013.
Impacts may vary depending on the product. In some cases, a remote attacker may cause a denial-of-service (DoS).
Apply an Update
Update to the latest version according to the information provided by the developer.
## Products Affected
Products that use International Components for Unicode (ICU) may be vulnerable.
For more information on vulnerable products, please refer to the "Vendor Status" section.