JVN#85336306: Use-after-free vulnerability in multiple products that use International Components for Unicode (ICU)

2013-10-30T00:00:00
ID JVN:85336306
Type jvn
Reporter Japan Vulnerability Notes
Modified 2015-10-21T00:00:00

Description

## Description

International Components for Unicode (ICU) is a library for handling Unicode strings. A C version, ICU4C and a Java version, ICU4J are available. Multiple products that use ICU4C contain a use-after-free vulnerability.

ICU released ICU4C version 52.1 that addresses this vulnerability on October 9, 2013.

## Impact

Impacts may vary depending on the product. In some cases, a remote attacker may cause a denial-of-service (DoS).

## Solution

Apply an Update
Update to the latest version according to the information provided by the developer.

## Products Affected

Products that use International Components for Unicode (ICU) may be vulnerable.

For more information on vulnerable products, please refer to the "Vendor Status" section.