{"id": "FEDORA_2011-17101.NASL", "bulletinFamily": "scanner", "title": "Fedora 16 : icu-4.6-3.fc16 (2011-17101)", "description": "Fixes CVE-2011-4599\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2011-12-23T00:00:00", "modified": "2020-12-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/57386", "reporter": "This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.", "references": ["http://www.nessus.org/u?7b19ba06", "https://bugzilla.redhat.com/show_bug.cgi?id=766542"], "cvelist": ["CVE-2011-4599"], "type": "nessus", "lastseen": "2020-12-01T10:09:46", "edition": 21, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4599"]}, {"type": "ubuntu", "idList": ["USN-1348-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310870523", "OPENVAS:881453", "OPENVAS:1361412562310840881", "OPENVAS:1361412562310881453", "OPENVAS:863666", "OPENVAS:881290", "OPENVAS:70714", "OPENVAS:1361412562310863979", "OPENVAS:840881", "OPENVAS:72424"]}, {"type": "gentoo", "idList": ["GLSA-201209-07"]}, {"type": "centos", "idList": ["CESA-2011:1815"]}, {"type": "nessus", "idList": ["FEDORA_2011-17119.NASL", "UBUNTU_USN-1348-1.NASL", "DEBIAN_DSA-2397.NASL", "ORACLELINUX_ELSA-2011-1815.NASL", "CENTOS_RHSA-2011-1815.NASL", "REDHAT-RHSA-2011-1815.NASL", "SL_20111213_ICU_ON_SL5_X.NASL", "GENTOO_GLSA-201209-07.NASL", "MANDRIVA_MDVSA-2011-194.NASL", "ALA_ALAS-2012-33.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12597", "SECURITYVULNS:VULN:12123", "SECURITYVULNS:VULN:12596", "SECURITYVULNS:DOC:28598", "SECURITYVULNS:VULN:12610", "SECURITYVULNS:DOC:28577", "SECURITYVULNS:DOC:28576", "SECURITYVULNS:DOC:27505"]}, {"type": "amazon", "idList": ["ALAS-2012-033"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2397-1:E10AA"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1815"]}, {"type": "redhat", "idList": ["RHSA-2011:1815"]}], "modified": "2020-12-01T10:09:46", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2020-12-01T10:09:46", "rev": 2}, "vulnersScore": 5.4}, "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-17101.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57386);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:32:34\");\n\n script_cve_id(\"CVE-2011-4599\");\n script_bugtraq_id(51006);\n script_xref(name:\"FEDORA\", value:\"2011-17101\");\n\n script_name(english:\"Fedora 16 : icu-4.6-3.fc16 (2011-17101)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes CVE-2011-4599\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=766542\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071318.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7b19ba06\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected icu package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"icu-4.6-3.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "57386", "cpe": ["cpe:/o:fedoraproject:fedora:16", "p-cpe:/a:fedoraproject:fedora:icu"], "scheme": null}

{"cve": [{"lastseen": "2020-11-29T23:05:24", "description": "Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.", "edition": 4, "cvss3": {}, "published": "2012-06-21T15:55:00", "title": "CVE-2011-4599", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4599"], "modified": "2018-01-24T15:31:00", "cpe": [], "id": "CVE-2011-4599", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4599", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}], "ubuntu": [{"lastseen": "2020-07-09T00:33:33", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4599"], "description": "It was discovered that ICU did not properly handle invalid locale data \nduring Unicode conversion. If an application using ICU processed crafted \ndata, an attacker could cause it to crash or potentially execute arbitrary \ncode with the privileges of the user invoking the program.", "edition": 5, "modified": "2012-01-26T00:00:00", "published": "2012-01-26T00:00:00", "id": "USN-1348-1", "href": "https://ubuntu.com/security/notices/USN-1348-1", "title": "ICU vulnerability", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-12-04T11:20:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1348-1", "modified": "2017-12-01T00:00:00", "published": "2012-02-01T00:00:00", "id": "OPENVAS:840881", "href": "http://plugins.openvas.org/nasl.php?oid=840881", "type": "openvas", "title": "Ubuntu Update for icu USN-1348-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1348_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for icu USN-1348-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that ICU did not properly handle invalid locale data\n during Unicode conversion. If an application using ICU processed crafted\n data, an attacker could cause it to crash or potentially execute arbitrary\n code with the privileges of the user invoking the program.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1348-1\";\ntag_affected = \"icu on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1348-1/\");\n script_id(840881);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:36:58 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4599\");\n script_xref(name: \"USN\", value: \"1348-1\");\n script_name(\"Ubuntu Update for icu USN-1348-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu42\", ver:\"4.2.1-3ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu42\", ver:\"4.2.1-3ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu44\", ver:\"4.4.2-2ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "description": "The remote host is missing an update to icu\nannounced via advisory DSA 2397-1.", "modified": "2017-07-07T00:00:00", "published": "2012-02-12T00:00:00", "id": "OPENVAS:70714", "href": "http://plugins.openvas.org/nasl.php?oid=70714", "type": "openvas", "title": "Debian Security Advisory DSA 2397-1 (icu)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2397_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2397-1 (icu)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that a buffer overflow in the Unicode libraray ICU\ncould lead to the execution of arbitrary code.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 3.8.1-3+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 4.4.1-8.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 4.8.1.1-3.\n\nWe recommend that you upgrade your icu packages.\";\ntag_summary = \"The remote host is missing an update to icu\nannounced via advisory DSA 2397-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202397-1\";\n\nif(description)\n{\n script_id(70714);\n script_cve_id(\"CVE-2011-4599\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 06:35:00 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2397-1 (icu)\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"3.8.1-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lib32icu-dev\", ver:\"3.8.1-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lib32icu38\", ver:\"3.8.1-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu-dev\", ver:\"3.8.1-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu38\", ver:\"3.8.1-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu38-dbg\", ver:\"3.8.1-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"4.4.1-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lib32icu-dev\", ver:\"4.4.1-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lib32icu44\", ver:\"4.4.1-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu-dev\", ver:\"4.4.1-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu44\", ver:\"4.4.1-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu44-dbg\", ver:\"4.4.1-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:58:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "description": "Check for the Version of icu", "modified": "2018-01-08T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881453", "href": "http://plugins.openvas.org/nasl.php?oid=881453", "type": "openvas", "title": "CentOS Update for icu CESA-2011:1815 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for icu CESA-2011:1815 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The International Components for Unicode (ICU) library provides robust and\n full-featured Unicode services.\n\n A stack-based buffer overflow flaw was found in the way ICU performed\n variant canonicalization for some locale identifiers. If a\n specially-crafted locale representation was opened in an application\n linked against ICU, it could cause the application to crash or, possibly,\n execute arbitrary code with the privileges of the user running the\n application. (CVE-2011-4599)\n \n All users of ICU should upgrade to these updated packages, which contain a\n backported patch to resolve this issue. All applications linked against\n ICU must be restarted for this update to take effect.\";\n\ntag_affected = \"icu on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-December/018340.html\");\n script_id(881453);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:54:43 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4599\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2011:1815\");\n script_name(\"CentOS Update for icu CESA-2011:1815 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of icu\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~4.2.1~9.1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu\", rpm:\"libicu~4.2.1~9.1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~4.2.1~9.1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu-doc\", rpm:\"libicu-doc~4.2.1~9.1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1348-1", "modified": "2019-03-13T00:00:00", "published": "2012-02-01T00:00:00", "id": "OPENVAS:1361412562310840881", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840881", "type": "openvas", "title": "Ubuntu Update for icu USN-1348-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1348_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for icu USN-1348-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1348-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840881\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:36:58 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4599\");\n script_xref(name:\"USN\", value:\"1348-1\");\n script_name(\"Ubuntu Update for icu USN-1348-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1348-1\");\n script_tag(name:\"affected\", value:\"icu on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that ICU did not properly handle invalid locale data\n during Unicode conversion. If an application using ICU processed crafted\n data, an attacker could cause it to crash or potentially execute arbitrary\n code with the privileges of the user invoking the program.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu42\", ver:\"4.2.1-3ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu42\", ver:\"4.2.1-3ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu44\", ver:\"4.4.2-2ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:51:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201209-07.", "modified": "2017-07-07T00:00:00", "published": "2012-09-26T00:00:00", "id": "OPENVAS:72424", "href": "http://plugins.openvas.org/nasl.php?oid=72424", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201209-07 (icu)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer overflow in International Components for Unicode could\nresult in execution of arbitrary code or Denial of Service.\";\ntag_solution = \"All ICU users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/icu-49.1.1-r1'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201209-07\nhttp://bugs.gentoo.org/show_bug.cgi?id=394201\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201209-07.\";\n\n \n \nif(description)\n{\n script_id(72424);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-4599\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-26 11:20:49 -0400 (Wed, 26 Sep 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201209-07 (icu)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-libs/icu\", unaffected: make_list(\"ge 49.1.1-r1\"), vulnerable: make_list(\"lt 49.1.1-r1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-12-16T00:00:00", "id": "OPENVAS:1361412562310881058", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881058", "type": "openvas", "title": "CentOS Update for icu CESA-2011:1815 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for icu CESA-2011:1815 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-December/018324.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881058\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-16 11:10:58 +0530 (Fri, 16 Dec 2011)\");\n script_xref(name:\"CESA\", value:\"2011:1815\");\n script_cve_id(\"CVE-2011-4599\");\n script_name(\"CentOS Update for icu CESA-2011:1815 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"icu on CentOS 5\");\n script_tag(name:\"insight\", value:\"The International Components for Unicode (ICU) library provides robust and\n full-featured Unicode services.\n\n A stack-based buffer overflow flaw was found in the way ICU performed\n variant canonicalization for some locale identifiers. If a\n specially-crafted locale representation was opened in an application\n linked against ICU, it could cause the application to crash or, possibly,\n execute arbitrary code with the privileges of the user running the\n application. (CVE-2011-4599)\n\n All users of ICU should upgrade to these updated packages, which contain a\n backported patch to resolve this issue. All applications linked against\n ICU must be restarted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~3.6~5.16.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu\", rpm:\"libicu~3.6~5.16.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~3.6~5.16.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu-doc\", rpm:\"libicu-doc~3.6~5.16.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2011-12-16T00:00:00", "id": "OPENVAS:1361412562310870523", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870523", "type": "openvas", "title": "RedHat Update for icu RHSA-2011:1815-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for icu RHSA-2011:1815-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-December/msg00037.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870523\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-16 11:08:42 +0530 (Fri, 16 Dec 2011)\");\n script_xref(name:\"RHSA\", value:\"2011:1815-01\");\n script_cve_id(\"CVE-2011-4599\");\n script_name(\"RedHat Update for icu RHSA-2011:1815-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"icu on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The International Components for Unicode (ICU) library provides robust and\n full-featured Unicode services.\n\n A stack-based buffer overflow flaw was found in the way ICU performed\n variant canonicalization for some locale identifiers. If a\n specially-crafted locale representation was opened in an application\n linked against ICU, it could cause the application to crash or, possibly,\n execute arbitrary code with the privileges of the user running the\n application. (CVE-2011-4599)\n\n All users of ICU should upgrade to these updated packages, which contain a\n backported patch to resolve this issue. All applications linked against\n ICU must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~3.6~5.16.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"icu-debuginfo\", rpm:\"icu-debuginfo~3.6~5.16.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu\", rpm:\"libicu~3.6~5.16.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~3.6~5.16.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu-doc\", rpm:\"libicu-doc~3.6~5.16.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:55:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "description": "Check for the Version of icu", "modified": "2017-07-06T00:00:00", "published": "2011-12-30T00:00:00", "id": "OPENVAS:831516", "href": "http://plugins.openvas.org/nasl.php?oid=831516", "type": "openvas", "title": "Mandriva Update for icu MDVSA-2011:194 (icu)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for icu MDVSA-2011:194 (icu)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been discovered and corrected in icu:\n\n A stack-based buffer overflow flaw was found in the way ICU\n performed variant canonicalization for some locale identifiers. If a\n specially-crafted locale representation was opened in an application\n linked against ICU, it could cause the application to crash or,\n possibly, execute arbitrary code with the privileges of the user\n running the application (CVE-2011-4599).\n\n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"icu on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-12/msg00025.php\");\n script_id(831516);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-30 09:13:11 +0530 (Fri, 30 Dec 2011)\");\n script_xref(name: \"MDVSA\", value: \"2011:194\");\n script_cve_id(\"CVE-2011-4599\");\n script_name(\"Mandriva Update for icu MDVSA-2011:194 (icu)\");\n\n script_summary(\"Check for the Version of icu\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"icu-doc\", rpm:\"icu-doc~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu40\", rpm:\"libicu40~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64icu40\", rpm:\"lib64icu40~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64icu-devel\", rpm:\"lib64icu-devel~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"icu-doc\", rpm:\"icu-doc~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu44\", rpm:\"libicu44~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64icu44\", rpm:\"lib64icu44~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64icu-devel\", rpm:\"lib64icu-devel~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2011-12-30T00:00:00", "id": "OPENVAS:1361412562310831516", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831516", "type": "openvas", "title": "Mandriva Update for icu MDVSA-2011:194 (icu)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for icu MDVSA-2011:194 (icu)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-12/msg00025.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831516\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-30 09:13:11 +0530 (Fri, 30 Dec 2011)\");\n script_xref(name:\"MDVSA\", value:\"2011:194\");\n script_cve_id(\"CVE-2011-4599\");\n script_name(\"Mandriva Update for icu MDVSA-2011:194 (icu)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1)\");\n script_tag(name:\"affected\", value:\"icu on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"A vulnerability has been discovered and corrected in icu:\n\n A stack-based buffer overflow flaw was found in the way ICU\n performed variant canonicalization for some locale identifiers. If a\n specially-crafted locale representation was opened in an application\n linked against ICU, it could cause the application to crash or,\n possibly, execute arbitrary code with the privileges of the user\n running the application (CVE-2011-4599).\n\n The updated packages have been patched to correct this issue.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"icu-doc\", rpm:\"icu-doc~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu40\", rpm:\"libicu40~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64icu40\", rpm:\"lib64icu40~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64icu-devel\", rpm:\"lib64icu-devel~4.0~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"icu-doc\", rpm:\"icu-doc~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu44\", rpm:\"libicu44~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64icu44\", rpm:\"lib64icu44~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64icu-devel\", rpm:\"lib64icu-devel~4.4~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "description": "Oracle Linux Local Security Checks ELSA-2011-1815", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122044", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-1815", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-1815.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122044\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:12:08 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-1815\");\n script_tag(name:\"insight\", value:\"ELSA-2011-1815 - icu security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-1815\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-1815.html\");\n script_cve_id(\"CVE-2011-4599\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~4.2.1~9.1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libicu\", rpm:\"libicu~4.2.1~9.1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~4.2.1~9.1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libicu-doc\", rpm:\"libicu-doc~4.2.1~9.1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:02", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4599"], "description": "### Background\n\nInternational Components for Unicode (ICU) is a set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. \n\n### Description\n\nAn error in the _canonicalize() function in uloc.cpp could cause a stack-based buffer overflow. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted locale representation using an application linked against ICU, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll ICU users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/icu-49.1.1-r1\"", "edition": 1, "modified": "2012-09-24T00:00:00", "published": "2012-09-24T00:00:00", "id": "GLSA-201209-07", "href": "https://security.gentoo.org/glsa/201209-07", "type": "gentoo", "title": "International Components for Unicode: User-assisted execution of arbitrary code", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2020-07-17T03:30:09", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4599"], "description": "**CentOS Errata and Security Advisory** CESA-2011:1815\n\n\nThe International Components for Unicode (ICU) library provides robust and\nfull-featured Unicode services.\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a\nspecially-crafted locale representation was opened in an application\nlinked against ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\n\nAll users of ICU should upgrade to these updated packages, which contain a\nbackported patch to resolve this issue. All applications linked against\nICU must be restarted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-December/030361.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-December/030362.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-December/030378.html\n\n**Affected packages:**\nicu\nlibicu\nlibicu-devel\nlibicu-doc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-1815.html", "edition": 6, "modified": "2011-12-22T15:45:28", "published": "2011-12-14T00:14:20", "href": "http://lists.centos.org/pipermail/centos-announce/2011-December/030361.html", "id": "CESA-2011:1815", "title": "icu, libicu security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:08", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4599"], "description": "The International Components for Unicode (ICU) library provides robust and\nfull-featured Unicode services.\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a\nspecially-crafted locale representation was opened in an application\nlinked against ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\n\nAll users of ICU should upgrade to these updated packages, which contain a\nbackported patch to resolve this issue. All applications linked against\nICU must be restarted for this update to take effect.\n", "modified": "2018-06-06T20:24:15", "published": "2011-12-13T05:00:00", "id": "RHSA-2011:1815", "href": "https://access.redhat.com/errata/RHSA-2011:1815", "type": "redhat", "title": "(RHSA-2011:1815) Moderate: icu security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2020-09-25T06:48:53", "description": "The remote host is affected by the vulnerability described in GLSA-201209-07\n(International Components for Unicode: User-assisted execution of arbitrary code)\n\n An error in the _canonicalize() function in uloc.cpp could cause a\n stack-based buffer overflow.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted locale\n representation using an application linked against ICU, possibly\n resulting in execution of arbitrary code with the privileges of the\n process or a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 20, "published": "2012-09-25T00:00:00", "title": "GLSA-201209-07 : International Components for Unicode: User-assisted execution of arbitrary code", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "modified": "2012-09-25T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:icu"], "id": "GENTOO_GLSA-201209-07.NASL", "href": "https://www.tenable.com/plugins/nessus/62288", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201209-07.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62288);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2011-4599\");\n script_bugtraq_id(51006);\n script_xref(name:\"GLSA\", value:\"201209-07\");\n\n script_name(english:\"GLSA-201209-07 : International Components for Unicode: User-assisted execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201209-07\n(International Components for Unicode: User-assisted execution of arbitrary code)\n\n An error in the _canonicalize() function in uloc.cpp could cause a\n stack-based buffer overflow.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted locale\n representation using an application linked against ICU, possibly\n resulting in execution of arbitrary code with the privileges of the\n process or a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201209-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ICU users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/icu-49.1.1-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/icu\", unaffected:make_list(\"ge 49.1.1-r1\"), vulnerable:make_list(\"lt 49.1.1-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"International Components for Unicode\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-01T13:25:47", "description": "Updated icu packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe International Components for Unicode (ICU) library provides robust\nand full-featured Unicode services.\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\n\nAll users of ICU should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All applications\nlinked against ICU must be restarted for this update to take effect.", "edition": 25, "published": "2011-12-14T00:00:00", "title": "RHEL 5 / 6 : icu (RHSA-2011:1815)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "modified": "2020-12-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:icu", "p-cpe:/a:redhat:enterprise_linux:libicu-doc", "p-cpe:/a:redhat:enterprise_linux:libicu-devel", "p-cpe:/a:redhat:enterprise_linux:libicu", "cpe:/o:redhat:enterprise_linux:6.2", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:icu-debuginfo"], "id": "REDHAT-RHSA-2011-1815.NASL", "href": "https://www.tenable.com/plugins/nessus/57296", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1815. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57296);\n script_version (\"1.20\");\n script_cvs_date(\"Date: 2019/10/25 13:36:16\");\n\n script_cve_id(\"CVE-2011-4599\");\n script_bugtraq_id(51006);\n script_xref(name:\"RHSA\", value:\"2011:1815\");\n\n script_name(english:\"RHEL 5 / 6 : icu (RHSA-2011:1815)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated icu packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe International Components for Unicode (ICU) library provides robust\nand full-featured Unicode services.\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\n\nAll users of ICU should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All applications\nlinked against ICU must be restarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1815\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:icu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libicu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libicu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1815\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"icu-3.6-5.16.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"icu-3.6-5.16.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"icu-3.6-5.16.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"libicu-3.6-5.16.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"libicu-devel-3.6-5.16.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libicu-doc-3.6-5.16.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"libicu-doc-3.6-5.16.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libicu-doc-3.6-5.16.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"icu-4.2.1-9.1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"icu-4.2.1-9.1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"icu-4.2.1-9.1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"icu-debuginfo-4.2.1-9.1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libicu-4.2.1-9.1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libicu-devel-4.2.1-9.1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libicu-doc-4.2.1-9.1.el6_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu / icu-debuginfo / libicu / libicu-devel / libicu-doc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-01T13:02:17", "description": "From Red Hat Security Advisory 2011:1815 :\n\nUpdated icu packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe International Components for Unicode (ICU) library provides robust\nand full-featured Unicode services.\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\n\nAll users of ICU should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All applications\nlinked against ICU must be restarted for this update to take effect.", "edition": 22, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : icu (ELSA-2011-1815)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "modified": "2020-12-02T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:icu", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:libicu", "p-cpe:/a:oracle:linux:libicu-doc", "p-cpe:/a:oracle:linux:libicu-devel"], "id": "ORACLELINUX_ELSA-2011-1815.NASL", "href": "https://www.tenable.com/plugins/nessus/68406", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:1815 and \n# Oracle Linux Security Advisory ELSA-2011-1815 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68406);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/10/25 13:36:09\");\n\n script_cve_id(\"CVE-2011-4599\");\n script_bugtraq_id(51006);\n script_xref(name:\"RHSA\", value:\"2011:1815\");\n\n script_name(english:\"Oracle Linux 5 / 6 : icu (ELSA-2011-1815)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:1815 :\n\nUpdated icu packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe International Components for Unicode (ICU) library provides robust\nand full-featured Unicode services.\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\n\nAll users of ICU should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All applications\nlinked against ICU must be restarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-December/002503.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-December/002512.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected icu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libicu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libicu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"icu-3.6-5.16.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libicu-3.6-5.16.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libicu-devel-3.6-5.16.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libicu-doc-3.6-5.16.1\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"icu-4.2.1-9.1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libicu-4.2.1-9.1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libicu-devel-4.2.1-9.1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libicu-doc-4.2.1-9.1.el6_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu / libicu / libicu-devel / libicu-doc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-01T10:09:46", "description": "Fixes CVE-2011-4599\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "published": "2011-12-23T00:00:00", "title": "Fedora 15 : icu-4.4.2-9.fc15 (2011-17119)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "modified": "2020-12-02T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:15", "p-cpe:/a:fedoraproject:fedora:icu"], "id": "FEDORA_2011-17119.NASL", "href": "https://www.tenable.com/plugins/nessus/57388", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-17119.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57388);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:32:34\");\n\n script_cve_id(\"CVE-2011-4599\");\n script_bugtraq_id(51006);\n script_xref(name:\"FEDORA\", value:\"2011-17119\");\n\n script_name(english:\"Fedora 15 : icu-4.4.2-9.fc15 (2011-17119)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes CVE-2011-4599\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=766542\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071316.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a2b1e59b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected icu package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"icu-4.4.2-9.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-01T15:06:28", "description": "It was discovered that ICU did not properly handle invalid locale data\nduring Unicode conversion. If an application using ICU processed\ncrafted data, an attacker could cause it to crash or potentially\nexecute arbitrary code with the privileges of the user invoking the\nprogram.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2012-01-27T00:00:00", "title": "Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : icu vulnerability (USN-1348-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "modified": "2020-12-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "p-cpe:/a:canonical:ubuntu_linux:libicu44", "p-cpe:/a:canonical:ubuntu_linux:libicu42"], "id": "UBUNTU_USN-1348-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57706", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1348-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57706);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-4599\");\n script_bugtraq_id(51006);\n script_xref(name:\"USN\", value:\"1348-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : icu vulnerability (USN-1348-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that ICU did not properly handle invalid locale data\nduring Unicode conversion. If an application using ICU processed\ncrafted data, an attacker could cause it to crash or potentially\nexecute arbitrary code with the privileges of the user invoking the\nprogram.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1348-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libicu42 and / or libicu44 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libicu42\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libicu44\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|10\\.10|11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 10.10 / 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libicu42\", pkgver:\"4.2.1-3ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libicu42\", pkgver:\"4.2.1-3ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libicu44\", pkgver:\"4.4.2-2ubuntu0.11.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libicu44\", pkgver:\"4.4.2-2ubuntu0.11.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libicu42 / libicu44\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-01T09:23:47", "description": "A stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)", "edition": 22, "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : icu (ALAS-2012-33)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "modified": "2020-12-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:icu", "p-cpe:/a:amazon:linux:icu-debuginfo", "p-cpe:/a:amazon:linux:libicu", "p-cpe:/a:amazon:linux:libicu-devel", "p-cpe:/a:amazon:linux:libicu-doc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-33.NASL", "href": "https://www.tenable.com/plugins/nessus/69640", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-33.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69640);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2011-4599\");\n script_xref(name:\"ALAS\", value:\"2012-33\");\n script_xref(name:\"RHSA\", value:\"2011:1815\");\n\n script_name(english:\"Amazon Linux AMI : icu (ALAS-2012-33)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-33.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update icu' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:icu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libicu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libicu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"icu-4.2.1-9.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"icu-debuginfo-4.2.1-9.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libicu-4.2.1-9.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libicu-devel-4.2.1-9.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libicu-doc-4.2.1-9.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu / icu-debuginfo / libicu / libicu-devel / libicu-doc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:00:28", "description": "It was discovered that a buffer overflow in the Unicode library ICU\ncould lead to the execution of arbitrary code.", "edition": 15, "published": "2012-01-31T00:00:00", "title": "Debian DSA-2397-1 : icu - buffer underflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "modified": "2012-01-31T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:icu", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2397.NASL", "href": "https://www.tenable.com/plugins/nessus/57737", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2397. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57737);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/12\");\n\n script_cve_id(\"CVE-2011-4599\");\n script_bugtraq_id(51006);\n script_xref(name:\"DSA\", value:\"2397\");\n\n script_name(english:\"Debian DSA-2397-1 : icu - buffer underflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a buffer overflow in the Unicode library ICU\ncould lead to the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/icu\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2397\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the icu packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 3.8.1-3+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 4.4.1-8.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"icu\", reference:\"3.8.1-3+lenny3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"icu-doc\", reference:\"4.4.1-8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lib32icu-dev\", reference:\"4.4.1-8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lib32icu44\", reference:\"4.4.1-8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libicu-dev\", reference:\"4.4.1-8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libicu44\", reference:\"4.4.1-8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libicu44-dbg\", reference:\"4.4.1-8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-01T14:03:14", "description": "The International Components for Unicode (ICU) library provides robust\nand full-featured Unicode services.\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\n\nAll users of ICU should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All applications\nlinked against ICU must be restarted for this update to take effect.", "edition": 22, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : icu on SL5.x, SL6.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "modified": "2020-12-02T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20111213_ICU_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61205", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(61205);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_cve_id(\"CVE-2011-4599\");\n\n script_name(english:\"Scientific Linux Security Update : icu on SL5.x, SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The International Components for Unicode (ICU) library provides robust\nand full-featured Unicode services.\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\n\nAll users of ICU should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All applications\nlinked against ICU must be restarted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1112&L=scientific-linux-errata&T=0&P=3147\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9c86831f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"icu-3.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"icu-debuginfo-3.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libicu-3.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libicu-devel-3.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libicu-doc-3.6-5.16.1\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"icu-4.2.1-9.1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"icu-debuginfo-4.2.1-9.1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libicu-4.2.1-9.1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libicu-devel-4.2.1-9.1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libicu-doc-4.2.1-9.1.el6_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-01T12:03:53", "description": "A vulnerability has been discovered and corrected in icu :\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication (CVE-2011-4599).\n\nThe updated packages have been patched to correct this issue.", "edition": 23, "published": "2011-12-28T00:00:00", "title": "Mandriva Linux Security Advisory : icu (MDVSA-2011:194)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "modified": "2020-12-02T00:00:00", "cpe": ["cpe:/o:mandriva:linux:2011", "p-cpe:/a:mandriva:linux:libicu48", "p-cpe:/a:mandriva:linux:icu-doc", "p-cpe:/a:mandriva:linux:libicu44", "p-cpe:/a:mandriva:linux:libicu-devel", "p-cpe:/a:mandriva:linux:lib64icu-devel", "cpe:/o:mandriva:linux:2010.1", "p-cpe:/a:mandriva:linux:lib64icu44", "p-cpe:/a:mandriva:linux:lib64icu48", "p-cpe:/a:mandriva:linux:icu"], "id": "MANDRIVA_MDVSA-2011-194.NASL", "href": "https://www.tenable.com/plugins/nessus/57407", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:194. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57407);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:32:54\");\n\n script_cve_id(\"CVE-2011-4599\");\n script_bugtraq_id(51006);\n script_xref(name:\"MDVSA\", value:\"2011:194\");\n\n script_name(english:\"Mandriva Linux Security Advisory : icu (MDVSA-2011:194)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been discovered and corrected in icu :\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication (CVE-2011-4599).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=765812\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:icu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64icu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64icu44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64icu48\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libicu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libicu44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libicu48\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", reference:\"icu-4.4-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"icu-doc-4.4-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64icu-devel-4.4-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64icu44-4.4-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libicu-devel-4.4-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libicu44-4.4-2.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", reference:\"icu-4.8-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"icu-doc-4.8-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64icu-devel-4.8-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64icu48-4.8-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libicu-devel-4.8-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libicu48-4.8-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-01T09:29:46", "description": "Updated icu packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe International Components for Unicode (ICU) library provides robust\nand full-featured Unicode services.\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\n\nAll users of ICU should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All applications\nlinked against ICU must be restarted for this update to take effect.", "edition": 24, "published": "2011-12-14T00:00:00", "title": "CentOS 5 / 6 : icu (CESA-2011:1815)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4599"], "modified": "2020-12-02T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:libicu", "p-cpe:/a:centos:centos:libicu-devel", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:icu", "p-cpe:/a:centos:centos:libicu-doc"], "id": "CENTOS_RHSA-2011-1815.NASL", "href": "https://www.tenable.com/plugins/nessus/57291", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1815 and \n# CentOS Errata and Security Advisory 2011:1815 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57291);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/10/25 13:36:06\");\n\n script_cve_id(\"CVE-2011-4599\");\n script_bugtraq_id(51006);\n script_xref(name:\"RHSA\", value:\"2011:1815\");\n\n script_name(english:\"CentOS 5 / 6 : icu (CESA-2011:1815)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated icu packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe International Components for Unicode (ICU) library provides robust\nand full-featured Unicode services.\n\nA stack-based buffer overflow flaw was found in the way ICU performed\nvariant canonicalization for some locale identifiers. If a specially\ncrafted locale representation was opened in an application linked\nagainst ICU, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2011-4599)\n\nAll users of ICU should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All applications\nlinked against ICU must be restarted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-December/018323.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0f6df519\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-December/018324.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e0ec6869\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-December/018340.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bd404633\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected icu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libicu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libicu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"icu-3.6-5.16.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libicu-3.6-5.16.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libicu-devel-3.6-5.16.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libicu-doc-3.6-5.16.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"icu-4.2.1-9.1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libicu-4.2.1-9.1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libicu-devel-4.2.1-9.1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libicu-doc-4.2.1-9.1.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu / libicu / libicu-devel / libicu-doc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:43", "bulletinFamily": "software", "cvelist": ["CVE-2011-4599"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2011:194\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : icu\r\n Date : December 27, 2011\r\n Affected: 2010.1, 2011., Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been discovered and corrected in icu:\r\n \r\n A stack-based buffer overflow flaw was found in the way ICU\r\n performed variant canonicalization for some locale identifiers. If a\r\n specially-crafted locale representation was opened in an application\r\n linked against ICU, it could cause the application to crash or,\r\n possibly, execute arbitrary code with the privileges of the user\r\n running the application &#40;CVE-2011-4599&#41;.\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599\r\n http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=765812\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2010.1:\r\n f636ef5c8fc11c9ef228c888a5f1c375 2010.1/i586/icu-4.4-2.1mdv2010.2.i586.rpm\r\n 05305bca0946dd6a7af31a4644b10be6 2010.1/i586/icu-doc-4.4-2.1mdv2010.2.i586.rpm\r\n 641aeb15718c51525e66c24a0aa1372c 2010.1/i586/libicu44-4.4-2.1mdv2010.2.i586.rpm\r\n cb1dbefda3ae9267a598172ec0ba00a9 2010.1/i586/libicu-devel-4.4-2.1mdv2010.2.i586.rpm \r\n d480dfccb101762e8c11382b03996736 2010.1/SRPMS/icu-4.4-2.1mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n bc6f3753043c82300093e5772646cabb 2010.1/x86_64/icu-4.4-2.1mdv2010.2.x86_64.rpm\r\n d301f0e3490e6af029c6b8a51aea63ae 2010.1/x86_64/icu-doc-4.4-2.1mdv2010.2.x86_64.rpm\r\n 98a1dcf68dc12d6c5189fc080d647541 2010.1/x86_64/lib64icu44-4.4-2.1mdv2010.2.x86_64.rpm\r\n 6ec9e6563d871b8a9f683915a4a6dfcf 2010.1/x86_64/lib64icu-devel-4.4-2.1mdv2010.2.x86_64.rpm \r\n d480dfccb101762e8c11382b03996736 2010.1/SRPMS/icu-4.4-2.1mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2011:\r\n c6184666829529808d7b65e4209ca391 2011/i586/icu-4.8-1.1-mdv2011.0.i586.rpm\r\n 77d6ea5d2ba58045febed9e6dd16b3c9 2011/i586/icu-doc-4.8-1.1-mdv2011.0.i586.rpm\r\n f80f2e5939004c39ff0ca904477663ca 2011/i586/libicu48-4.8-1.1-mdv2011.0.i586.rpm\r\n 6d7c5371aeab199d7b8d3ecaf8f34dda 2011/i586/libicu-devel-4.8-1.1-mdv2011.0.i586.rpm \r\n ee26c16f6df9d3fd286cf92e6e70498e 2011/SRPMS/icu-4.8-1.1.src.rpm\r\n\r\n Mandriva Linux 2011/X86_64:\r\n 6702892b293ac39440ee2d2fe0adf597 2011/x86_64/icu-4.8-1.1-mdv2011.0.x86_64.rpm\r\n 8189ac1634256646f111b3fe6e7aa365 2011/x86_64/icu-doc-4.8-1.1-mdv2011.0.x86_64.rpm\r\n 81d72178292ee239eb4e8d5efa0b8ced 2011/x86_64/lib64icu48-4.8-1.1-mdv2011.0.x86_64.rpm\r\n 355101426ad51b28a174dfe51d0605ce 2011/x86_64/lib64icu-devel-4.8-1.1-mdv2011.0.x86_64.rpm \r\n ee26c16f6df9d3fd286cf92e6e70498e 2011/SRPMS/icu-4.8-1.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 9db3d3e64e0ecfcb43bfb3568df1b5b9 mes5/i586/icu-4.0-2.2mdvmes5.2.i586.rpm\r\n e5cf53874c0cdd9e0837d65976a3a33f mes5/i586/icu-doc-4.0-2.2mdvmes5.2.i586.rpm\r\n fc8920ecd40c9677051d6b43808cba2b mes5/i586/libicu40-4.0-2.2mdvmes5.2.i586.rpm\r\n 11802680627a69e7daf22b3ea3d3097e mes5/i586/libicu-devel-4.0-2.2mdvmes5.2.i586.rpm \r\n 03386290a0c985306d574d198df2870b mes5/SRPMS/icu-4.0-2.2mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n d4e8f9d23253330afde15792ee0da5c5 mes5/x86_64/icu-4.0-2.2mdvmes5.2.x86_64.rpm\r\n 42c2e4967eaf25f682af35c1d74c3fbb mes5/x86_64/icu-doc-4.0-2.2mdvmes5.2.x86_64.rpm\r\n f5856b5cb0239396ba96a58ee90eb123 mes5/x86_64/lib64icu40-4.0-2.2mdvmes5.2.x86_64.rpm\r\n b38aff30d218259d3645511166ce0643 mes5/x86_64/lib64icu-devel-4.0-2.2mdvmes5.2.x86_64.rpm \r\n 03386290a0c985306d574d198df2870b mes5/SRPMS/icu-4.0-2.2mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFO+aWMmqjQ0CJFipgRAu9bAJ9b3aDy3NX0LDWYBEnQnJZCBfWi4QCgxzsX\r\nSfy7BMjIZ7iQN2g0aDLaqxE=\r\n=/aTY\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-01-02T00:00:00", "published": "2012-01-02T00:00:00", "id": "SECURITYVULNS:DOC:27505", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27505", "title": "[ MDVSA-2011:194 ] icu", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:45", "bulletinFamily": "software", "cvelist": ["CVE-2011-4599"], "description": "Memory corruption on locale processing.", "edition": 1, "modified": "2012-01-02T00:00:00", "published": "2012-01-02T00:00:00", "id": "SECURITYVULNS:VULN:12123", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12123", "title": "ICU library memory corruption", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2012-3722", "CVE-2011-3026", "CVE-2012-3721", "CVE-2011-4599", "CVE-2012-3723", "CVE-2012-0643", "CVE-2012-3720", "CVE-2012-0670", "CVE-2012-3718", "CVE-2012-0650", "CVE-2011-3048", "CVE-2012-3716", "CVE-2012-0671", "CVE-2012-0652", "CVE-2012-1173", "CVE-2012-0668", "CVE-2012-3719"], "description": "Multiple vulnerabilities in different subsystems.", "edition": 1, "modified": "2012-10-01T00:00:00", "published": "2012-10-01T00:00:00", "id": "SECURITYVULNS:VULN:12597", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12597", "title": "Apple Mac OS X multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-0682", "CVE-2012-3722", "CVE-2012-3590", "CVE-2011-3026", "CVE-2011-4599", "CVE-2012-3678", "CVE-2012-0683", "CVE-2011-3919", "CVE-2011-1167", "CVE-2012-3726", "CVE-2012-3725", "CVE-2011-3328", "CVE-2011-2834", "CVE-2011-3048", "CVE-2012-3589", "CVE-2012-3679", "CVE-2012-1173", "CVE-2012-3592", "CVE-2011-2821", "CVE-2011-1944", "CVE-2012-3591"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2012-09-24-1 Apple TV 5.1\r\n\r\nApple TV 5.1 is now available and addresses the following:\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An uninitialized memory access existed in the handling\r\nof Sorenson encoded movie files. This issue was addressed through\r\nimproved memory initialization.\r\nCVE-ID\r\nCVE-2012-3722 : Will Dormann of the CERT/CC\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: A malicious Wi-Fi network may be able to determine networks\r\na device has previously accessed\r\nDescription: Upon connecting to a Wi-Fi network, iOS may broadcast\r\nMAC addresses of previously accessed networks per the DNAv4\r\nprotocol. This issue was addressed by disabling DNAv4 on unencrypted\r\nWi-Fi networks\r\nCVE-ID\r\nCVE-2012-3725 : Mark Wuergler of Immunity, Inc.\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted TIFF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in libtiff&#39;s handling of\r\nThunderScan encoded TIFF images. This issue was addressed by updating\r\nlibtiff to version 3.9.5.\r\nCVE-ID\r\nCVE-2011-1167\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted PNG image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in libpng&#39;s\r\nhandling of PNG images. These issues were addressed through improved\r\nvalidation of PNG images.\r\nCVE-ID\r\nCVE-2011-3026 : Juri Aedla\r\nCVE-2011-3048\r\nCVE-2011-3328\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted JPEG image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A double free issue existed in ImageIO&#39;s handling of\r\nJPEG images. This issue was addressed through improved memory\r\nmanagement.\r\nCVE-ID\r\nCVE-2012-3726 : Phil of PKJE Consulting\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted TIFF image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An integer overflow issue existed in libTIFF&#39;s handling\r\nof TIFF images. This issue was addressed through improved validation\r\nof TIFF images. This issue does not affect OS X Mountain Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2012-1173\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Applications that use ICU may be vulnerable to an unexpected\r\napplication termination or arbitrary code execution\r\nDescription: A stack buffer overflow existed in the handling of ICU\r\nlocale IDs. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2011-4599\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: An attacker with a privileged network position may cause an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple vulnerabilities existed in libxml, the most\r\nserious of which may lead to an unexpected application termination or\r\narbitrary code execution. These issues were addressed by applying the\r\nrelevant upstream patches.\r\nCVE-ID\r\nCVE-2011-1944 : Chris Evans of Google Chrome Security Team\r\nCVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of\r\nChinese Academy of Sciences\r\nCVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of\r\nChinese Academy of Sciences\r\nCVE-2011-3919 : Juri Aedla\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: An attacker with a privileged network position may cause an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in\r\nJavaScriptCore. These issues were addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2012-0682 : Apple Product Security\r\nCVE-2012-0683 : Dave Mandelin of Mozilla\r\nCVE-2012-3589 : Dave Mandelin of Mozilla\r\nCVE-2012-3590 : Apple Product Security\r\nCVE-2012-3591 : Apple Product Security\r\nCVE-2012-3592 : Apple Product Security\r\nCVE-2012-3678 : Apple Product Security\r\nCVE-2012-3679 : Chris Leary of Mozilla\r\n\r\n\r\nInstallation note:\r\n\r\nApple TV will periodically check for software updates. Alternatively,\r\nyou may manually check for software updates by selecting\r\n&quot;Settings -&gt; General -&gt; Update Software&quot;.\r\n\r\nTo check the current version of software, select\r\n&quot;Settings -&gt; General -&gt; About&quot;.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 &#40;Darwin&#41;\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJQXO50AAoJEPefwLHPlZEwc40P/AmBKys+PAsdT8gGrSpOY1B9\r\n8h+Y0xdE+Hmesq9D4p6wvdY/lR+zMqtSwT6amNImYCIaRmm1P8+r8n31be52TYlg\r\n7GqEAZbDtFztHwIISC8Khf8dMvWSrLhzRa7X/cxlIgRKmoXFnqJZzYcUov/M9Uw8\r\nKwejQnztmAx7srHnZCNI+dxFqAC7hPoegnDnlVPx1DkwKDjt8q9xD3PGQyiGWWkI\r\nwqUEWvMGWr65CFyA7R0hDqKuNCowWn2cKP1UhIoEur5yRmc4aQVtOnHhJ8k9mdoO\r\n+58JC/y8lCtqGUyEL2Ar0FmIcRX/GJf+/isKOtmHx0JuEhH5beQ6s9FxU5eNR9DH\r\nEVPmVXowY9wMvKxwHFU3jwq8kQ3+IYC+7KA6lScb5mXO5mC5dbJPLp7uJto7+VtI\r\natgQmvzdB8G562wpwTPuA4UQWWr0i6WWl8zkfgkRHO+cXyN683rkBP/vVEo9FipR\r\nYkQ10RsXqYDRXBcRywmTZZwQy6txMtV9D2bnk1uukQHBsZh30/mEpcmZbo6CO3s3\r\nmnOtu5D2OQsNt4MqbviUkEgdc9JIJnqAOo+9YguDCEu6Rd7unbKB3RpmD+A3OJnR\r\nGhEa2Gqyvm/ozfb2D4L01y4UQo7dMLw+t/FOZXkrpdLlWn2LANWvXDCPSzIFCKoN\r\ncXF+ij425pfY+d7Iekz3\r\n=PSL+\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-10-04T00:00:00", "published": "2012-10-04T00:00:00", "id": "SECURITYVULNS:DOC:28598", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28598", "title": "APPLE-SA-2012-09-24-1 Apple TV 5.1", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2012-0682", "CVE-2012-3722", "CVE-2012-3590", "CVE-2011-3026", "CVE-2011-4599", "CVE-2012-3678", "CVE-2012-0683", "CVE-2011-3919", "CVE-2011-1167", "CVE-2012-3726", "CVE-2012-3725", "CVE-2011-3328", "CVE-2011-2834", "CVE-2011-3048", "CVE-2012-3589", "CVE-2012-3679", "CVE-2012-1173", "CVE-2012-3592", "CVE-2011-2821", "CVE-2011-1944", "CVE-2012-3591"], "description": "Multiple vulnerabilities on different formats and protocols parsing.", "edition": 1, "modified": "2012-10-04T00:00:00", "published": "2012-10-04T00:00:00", "id": "SECURITYVULNS:VULN:12610", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12610", "title": "Apple TV multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-3722", "CVE-2011-4317", "CVE-2012-2311", "CVE-2011-3026", "CVE-2012-2386", "CVE-2011-3607", "CVE-2012-0031", "CVE-2012-3721", "CVE-2011-4599", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2688", "CVE-2012-3723", "CVE-2011-3389", "CVE-2012-0643", "CVE-2012-0053", "CVE-2012-0021", "CVE-2012-3720", "CVE-2011-3368", "CVE-2012-0670", "CVE-2012-3718", "CVE-2012-1667", "CVE-2012-0650", "CVE-2012-1172", "CVE-2011-3048", "CVE-2012-3716", "CVE-2012-0671", "CVE-2012-0652", "CVE-2012-1173", "CVE-2012-0831", "CVE-2012-0668", "CVE-2011-4313", "CVE-2012-3719"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and\r\nSecurity Update 2012-004\r\n\r\nOS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update\r\n2012-004 are now available and address the following:\r\n\r\nApache\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Apache is updated to version 2.2.22 to address several\r\nvulnerabilities, the most serious of which may lead to a denial of\r\nservice. Further information is available via the Apache web site at\r\nhttp://httpd.apache.org/. This issue does not affect OS X Mountain\r\nLion systems.\r\nCVE-ID\r\nCVE-2011-3368\r\nCVE-2011-3607\r\nCVE-2011-4317\r\nCVE-2012-0021\r\nCVE-2012-0031\r\nCVE-2012-0053\r\n\r\nBIND\r\nAvailable for: OS X Lion v10.7 to v10.7.4,\r\nOS X Lion Server v10.7 to v10.7.4\r\nImpact: A remote attacker may be able to cause a denial of service\r\nin systems configured to run BIND as a DNS nameserver\r\nDescription: A reachable assertion issue existed in the handling of\r\nDNS records. This issue was addressed by updating to BIND 9.7.6-P1.\r\nThis issue does not affect OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2011-4313\r\n\r\nBIND\r\nAvailable for: OS X Lion v10.7 to v10.7.4,\r\nOS X Lion Server v10.7 to v10.7.4,\r\nOS X Mountain Lion v10.8 and v10.8.1\r\nImpact: A remote attacker may be able to cause a denial of service,\r\ndata corruption, or obtain sensitive information from process memory\r\nin systems configured to run BIND as a DNS nameserver\r\nDescription: A memory management issue existed in the handling of\r\nDNS records. This issue was addressed by updating to BIND 9.7.6-P1 on\r\nOS X Lion systems, and BIND 9.8.3-P1 on OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2012-1667\r\n\r\nCoreText\r\nAvailable for: OS X Lion v10.7 to v10.7.4,\r\nOS X Lion Server v10.7 to v10.7.4\r\nImpact: Applications that use CoreText may be vulnerable to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A bounds checking issue existed in the handling of text\r\nglyphs, which may lead to out of bounds memory reads or writes. This\r\nissue was addressed through improved bounds checking. This issue does\r\nnot affect Mac OS X v10.6 or OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2012-3716 : Jesse Ruderman of Mozilla Corporation\r\n\r\nData Security\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4,\r\nOS X Mountain Lion v10.8 and v10.8.1\r\nImpact: An attacker with a privileged network position may intercept\r\nuser credentials or other sensitive information\r\nDescription: TrustWave, a trusted root CA, has issued, and\r\nsubsequently revoked, a sub-CA certificate from one of its trusted\r\nanchors. This sub-CA facilitated the interception of communications\r\nsecured by Transport Layer Security &#40;TLS&#41;. This update adds the\r\ninvolved sub-CA certificate to OS X&#39;s list of untrusted certificates.\r\n\r\nDirectoryService\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8\r\nImpact: If the DirectoryService Proxy is used, a remote attacker may\r\ncause a denial of service or arbitrary code execution\r\nDescription: A buffer overflow existed in the DirectoryService\r\nProxy. This issue was addressed through improved bounds checking.\r\nThis issue does not affect OS X Lion and Mountain Lion systems.\r\nCVE-ID\r\nCVE-2012-0650 : aazubel working with HP&#39;s Zero Day Initiative\r\n\r\nImageIO\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: Viewing a maliciously crafted PNG image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in libpng&#39;s\r\nhandling of PNG images. These issues were addressed through improved\r\nvalidation of PNG images. These issues do not affect OS X Mountain\r\nLion systems.\r\nCVE-ID\r\nCVE-2011-3026 : Juri Aedla\r\nCVE-2011-3048\r\n\r\nImageIO\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: Viewing a maliciously crafted TIFF image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An integer overflow issue existed in libTIFF&#39;s handling\r\nof TIFF images. This issue was addressed through improved validation\r\nof TIFF images. This issue does not affect OS X Mountain Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2012-1173 : Alexander Gavrun working with HP&#39;s Zero Day\r\nInitiative\r\n\r\nInstaller\r\nAvailable for: OS X Lion v10.7 to v10.7.4,\r\nOS X Lion Server v10.7 to v10.7.4\r\nImpact: Remote admins and persons with physical access to the system\r\nmay obtain account information\r\nDescription: The fix for CVE-2012-0652 in OS X Lion 10.7.4 prevented\r\nuser passwords from being recorded in the system log, but did not\r\nremove the old log entries. This issue was addressed by deleting log\r\nfiles that contained passwords. This issue does not affect Mac OS X\r\n10.6 or OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2012-0652\r\n\r\nInternational Components for Unicode\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: Applications that use ICU may be vulnerable to an unexpected\r\napplication termination or arbitrary code execution\r\nDescription: A stack buffer overflow existed in the handling of ICU\r\nlocale IDs. This issue was addressed through improved bounds\r\nchecking. This issue does not affect OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2011-4599\r\n\r\nKernel\r\nAvailable for: OS X Lion v10.7 to v10.7.4,\r\nOS X Lion Server v10.7 to v10.7.4\r\nImpact: A malicious program could bypass sandbox restrictions\r\nDescription: A logic issue existed in the handling of debug system\r\ncalls. This may allow a malicious program to gain code execution in\r\nother programs with the same user privileges. This issue was\r\naddressed by disabling handling of addresses in PT_STEP and\r\nPT_CONTINUE. This issue does not affect OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2012-0643 : iOS Jailbreak Dream Team\r\n\r\nLoginWindow\r\nAvailable for: OS X Mountain Lion v10.8 and v10.8.1\r\nImpact: A local user may be able to obtain other user&#39;s login\r\npasswords\r\nDescription: A user-installed input method could intercept password\r\nkeystrokes from Login Window or Screen Saver Unlock. This issue was\r\naddressed by preventing user-installed methods from being used when\r\nthe system is handling login information.\r\nCVE-ID\r\nCVE-2012-3718 : An anonymous researcher\r\n\r\nMail\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: Viewing an e-mail message may lead to execution of web\r\nplugins\r\nDescription: An input validation issue existed in Mail&#39;s handling of\r\nembedded web plugins. This issue was addressed by disabling third-\r\nparty plug-ins in Mail. This issue does not affect OS X Mountain Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2012-3719 : Will Dormann of the CERT/CC\r\n\r\nMobile Accounts\r\nAvailable for: OS X Mountain Lion v10.8 and v10.8.1\r\nImpact: A user with access to the contents of a mobile account may\r\nobtain the account password\r\nDescription: Creating a mobile account saved a hash of the password\r\nin the account, which was used to login when the mobile account was\r\nused as an external account. The password hash could be used to\r\ndetermine the user&#39;s password. This issue was addressed by creating\r\nthe password hash only if external accounts are enabled on the system\r\nwhere the mobile account is created.\r\nCVE-ID\r\nCVE-2012-3720 : Harald Wagener of Google, Inc.\r\n\r\nPHP\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4,\r\nOS X Mountain Lion v10.8 and v10.8.1\r\nImpact: Multiple vulnerabilities in PHP\r\nDescription: &gt;PHP is updated to version 5.3.15 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. Further information is available via the PHP web site at\r\nhttp://www.php.net\r\nCVE-ID\r\nCVE-2012-0831\r\nCVE-2012-1172\r\nCVE-2012-1823\r\nCVE-2012-2143\r\nCVE-2012-2311\r\nCVE-2012-2386\r\nCVE-2012-2688\r\n\r\nPHP\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: PHP scripts which use libpng may be vulnerable to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\nPNG files. This issue was addressed by updating PHP&#39;s copy of libpng\r\nto version 1.5.10. This issue does not affect OS X Mountain Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-3048\r\n\r\nProfile Manager\r\nAvailable for: OS X Lion Server v10.7 to v10.7.4\r\nImpact: An unauthenticated user could enumerate managed devices\r\nDescription: An authentication issue existed in the Device\r\nManagement private interface. This issue was addressed by removing\r\nthe interface. This issue does not affect OS X Mountain Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2012-3721 : Derick Cassidy of XEquals Corporation\r\n\r\nQuickLook\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: Viewing a maliciously crafted .pict file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\n.pict files. This issue was addressed through improved validation of\r\n.pict files. This issue does not affect OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2012-0671 : Rodrigo Rubira Branco &#40;twitter.com/bsdaemon&#41; from the\r\nQualys Vulnerability &amp; Malware Research Labs &#40;VMRL&#41;\r\n\r\nQuickTime\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An integer overflow existed in QuickTime&#39;s handling of\r\nsean atoms. This issue was addressed through improved bounds\r\nchecking. This issue does not affect OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2012-0670 : Tom Gallagher &#40;Microsoft&#41; and Paul Bates &#40;Microsoft&#41;\r\nworking with HP&#39;s Zero Day Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An uninitialized memory access existed in the handling\r\nof Sorenson encoded movie files. This issue was addressed through\r\nimproved memory initialization. This issue does not affect OS X\r\nMountain Lion systems.\r\nCVE-ID\r\nCVE-2012-3722 : Will Dormann of the CERT/CC\r\n\r\nQuickTime\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of RLE\r\nencoded movie files. This issue was addressed through improved bounds\r\nchecking. This issue does not affect OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2012-0668 : Luigi Auriemma working with HP&#39;s Zero Day Initiative\r\n\r\nRuby\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of SSL\r\n3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode.\r\nThe Ruby OpenSSL module disabled the &#39;empty fragment&#39; countermeasure\r\nwhich prevented these attacks. This issue was addressed by enabling\r\nempty fragments. This issue does not affect OS X Mountain Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-3389\r\n\r\nUSB\r\nAvailable for: OS X Lion v10.7 to v10.7.4,\r\nOS X Lion Server v10.7 to v10.7.4\r\nImpact: Attaching a USB device may lead to an unexpected system\r\ntermination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\nUSB hub descriptors. This issue was addressed through improved\r\nhandling of the bNbrPorts descriptor field. This issue does not\r\naffect OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2012-3723 : Andy Davis of NGS Secure\r\n\r\nNote: OS X Mountain Lion v10.8.2 includes the content of\r\nSafari 6.0.1. For further details see &quot;About the security content\r\nof Safari 6.0.1&quot; at http://http//support.apple.com/kb/HT5502\r\n\r\n\r\nOS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update\r\n2012-004 may be obtained from the Software Update pane in System\r\nPreferences, or Apple&#39;s Software Downloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nThe Software Update utility will present the update that applies\r\nto your system configuration. Only one is needed, either\r\nOS X Mountain Lion v10.8.2, OS X Lion v10.7.5 or Security Update\r\n2012-004.\r\n\r\nFor OS X Mountain Lion v10.8.1\r\nThe download file is named: OSXUpd10.8.2.dmg\r\nIts SHA-1 digest is: d6779e1cc748b78af0207499383b1859ffbebe33\r\n\r\nFor OS X Mountain Lion v10.8\r\nThe download file is named: OSXUpdCombo10.8.2.dmg\r\nIts SHA-1 digest is: b08f10233d362e39f20b69f91d1d73f5e7b68a2c\r\n\r\nFor OS X Lion v10.7.4\r\nThe download file is named: MacOSXUpd10.7.5.dmg\r\nIts SHA-1 digest is: e0a9582cce9896938a7a541bd431862d93893532\r\n\r\nFor OS X Lion v10.7 and v10.7.3\r\nThe download file is named: MacOSXUpdCombo10.7.5.dmg\r\nIts SHA-1 digest is: f7a26b164fa10dae4fe646e57b01c34a619c8d9b\r\n\r\nFor OS X Lion Server v10.7.4\r\nThe download file is named: MacOSXServerUpd10.7.5.dmg\r\nIts SHA-1 digest is: a891b03bfb4eecb745c0c39a32f39960fdb6796a\r\n\r\nFor OS X Lion Server v10.7 and v10.7.3\r\nThe download file is named: MacOSXServerUpdCombo10.7.5.dmg\r\nIts SHA-1 digest is: df6e1748ab0a3c9e05c890be49d514673efd965e\r\n\r\nFor Mac OS X v10.6.8\r\nThe download file is named: SecUpd2012-004.dmg\r\nIts SHA-1 digest is: 5b136e29a871d41012f0c6ea1362d6210c8b4fb7\r\n\r\nFor Mac OS X Server v10.6.8\r\nThe download file is named: SecUpdSrvr2012-004.dmg\r\nIts SHA-1 digest is: 9b24496be15078e58a88537700f2f39c112e3b28\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 &#40;Darwin&#41;\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJQWhlbAAoJEPefwLHPlZEwwjwQAKrpQlZh1B2mkSTLxR7QZg6e\r\nQm7SmIZL9sjl5gQkTxoAvOGxJ8uRdYPlJ1IpyU/MbK0GqO53KmFSeKkwCnvLKMaW\r\npc6tiFaQ4zV4LEAwBAFEuqCsMyPEJqKDhYXl2cHQmWfAlrLCyCKfzGLy2mY2UnkE\r\nDQC2+ys70DChFv2GzyXlibBXAGMKDygJ5dVKynsi1ceZLYWbUJoGwlUtXPylBpnO\r\nQyGWXmEloPbhK6HJbKMNacuDdVcb26pvIeFiivkTSxPVlZ3ns2tAwEyvHrzA9O4n\r\n7rQ6jvfDbguOZmM5sPFvVKBw2GVDBNU+G3T8ouIXhk6Pjhr4in8VFCb8MIMLb8hm\r\n7YYn2z1TzKTNmUuYbwe6ukQvf57cPuW0bAvslbl6PgrzqorlNPU4rDoSvPrJx/RO\r\nBOYkcxfirevHDGibfkeqXPjL3h+bVrb1USZpAv+ZOAy0M89SHFcvMtpAhxnoGiV5\r\nw4EyKB+9Yi/CSAk2Ne3Y5kHH7/v3pWV68aJwhVirya7ex3vnJ+M+lRLKSm2BUjL3\r\n+9fykrJBDujFDXoCmK5CN5Wx36DSVZ4VO1h635crotudtcvd+LQ2VHma/Chav5wK\r\nq5SSllf4KEownpx6o/qTxpg5tcC4lvgTcsDHlYcNq2s8KTTjmOden8ar4h7M7QD2\r\nxyBfrQfG/dsif6jGHaot\r\n=8joH\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-09-24T00:00:00", "published": "2012-09-24T00:00:00", "id": "SECURITYVULNS:DOC:28577", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28577", "title": "APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2012-3722", "CVE-2012-3729", "CVE-2012-3724", "CVE-2012-1140", "CVE-2012-3731", "CVE-2011-3026", "CVE-2012-1131", "CVE-2012-3746", "CVE-2012-1136", "CVE-2012-3736", "CVE-2012-3738", "CVE-2012-3743", "CVE-2012-1138", "CVE-2011-4599", "CVE-2012-1127", "CVE-2012-1126", "CVE-2011-3457", "CVE-2012-0680", "CVE-2012-1141", "CVE-2012-3727", "CVE-2011-3919", "CVE-2012-1130", "CVE-2012-3733", "CVE-2012-1135", "CVE-2012-1144", "CVE-2012-3744", "CVE-2012-3741", "CVE-2011-1167", "CVE-2012-1133", "CVE-2012-3726", "CVE-2012-1134", "CVE-2012-3725", "CVE-2012-3734", "CVE-2012-1139", "CVE-2011-3328", "CVE-2012-3745", "CVE-2011-2834", "CVE-2012-3740", "CVE-2012-1132", "CVE-2012-3737", "CVE-2011-3048", "CVE-2012-3728", "CVE-2012-1142", "CVE-2012-3735", "CVE-2012-3732", "CVE-2012-1128", "CVE-2012-1173", "CVE-2011-2821", "CVE-2011-1944", "CVE-2012-3742", "CVE-2012-1129", "CVE-2012-3730", "CVE-2012-1143", "CVE-2012-3739", "CVE-2012-1137"], "description": "Large number of vulnerabilities in different components.", "edition": 1, "modified": "2012-09-24T00:00:00", "published": "2012-09-24T00:00:00", "id": "SECURITYVULNS:VULN:12596", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12596", "title": "Apple iOS multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "cvelist": ["CVE-2012-3667", "CVE-2012-0682", "CVE-2012-3670", "CVE-2012-3722", "CVE-2012-3729", "CVE-2011-3039", "CVE-2012-3609", "CVE-2011-3043", "CVE-2012-3646", "CVE-2012-3724", "CVE-2012-3600", "CVE-2012-3610", "CVE-2012-3590", "CVE-2012-1140", "CVE-2012-3693", "CVE-2012-3731", "CVE-2011-3105", "CVE-2012-2815", "CVE-2011-3026", "CVE-2012-1131", "CVE-2012-3639", "CVE-2011-3044", "CVE-2011-3081", "CVE-2012-3637", "CVE-2011-3068", "CVE-2012-3641", "CVE-2012-3746", "CVE-2011-3968", "CVE-2012-1136", "CVE-2012-3703", "CVE-2012-3736", "CVE-2011-2845", "CVE-2012-3738", "CVE-2012-3626", "CVE-2012-3704", "CVE-2012-3603", "CVE-2012-3743", "CVE-2012-3663", "CVE-2012-1138", "CVE-2011-4599", "CVE-2012-3668", "CVE-2012-1127", "CVE-2012-3660", "CVE-2012-3678", "CVE-2012-1520", "CVE-2011-3059", "CVE-2011-3071", "CVE-2012-3635", "CVE-2012-3644", "CVE-2012-1521", "CVE-2012-3676", "CVE-2012-3674", "CVE-2012-3593", "CVE-2011-3075", "CVE-2012-1126", "CVE-2012-3671", "CVE-2011-3457", "CVE-2012-3602", "CVE-2012-3625", "CVE-2012-3611", "CVE-2012-3659", "CVE-2011-3958", "CVE-2012-3596", "CVE-2012-3669", "CVE-2012-3655", "CVE-2012-3634", "CVE-2011-3969", "CVE-2012-3706", "CVE-2012-3658", "CVE-2012-0683", "CVE-2012-0680", "CVE-2012-3684", "CVE-2011-3060", "CVE-2012-1141", "CVE-2012-3727", "CVE-2012-3652", "CVE-2012-3651", "CVE-2011-3971", "CVE-2011-3919", "CVE-2012-1130", "CVE-2012-3665", "CVE-2011-3021", "CVE-2012-3733", "CVE-2012-3664", "CVE-2012-1135", "CVE-2011-3069", "CVE-2012-1144", "CVE-2012-3744", "CVE-2012-3656", "CVE-2012-3666", "CVE-2012-3598", "CVE-2012-3710", "CVE-2012-3645", "CVE-2012-3741", "CVE-2011-1167", "CVE-2012-1133", "CVE-2011-3074", "CVE-2012-3661", "CVE-2012-3726", "CVE-2011-3038", "CVE-2011-3035", "CVE-2012-3708", "CVE-2012-1134", "CVE-2012-3673", "CVE-2011-3053", "CVE-2012-3725", "CVE-2012-3681", "CVE-2012-3642", "CVE-2012-3653", "CVE-2012-3734", "CVE-2012-3682", "CVE-2012-3686", "CVE-2012-1139", "CVE-2011-3036", "CVE-2011-3050", "CVE-2012-3638", "CVE-2012-3633", "CVE-2012-3747", "CVE-2012-2818", "CVE-2011-3328", "CVE-2012-3618", "CVE-2012-3594", "CVE-2011-3078", "CVE-2012-3745", "CVE-2011-2834", "CVE-2012-3628", "CVE-2012-3740", "CVE-2011-3926", "CVE-2011-3073", "CVE-2012-3680", "CVE-2011-3076", "CVE-2012-3614", "CVE-2012-3612", "CVE-2012-3696", "CVE-2012-3605", "CVE-2012-3647", "CVE-2012-3648", "CVE-2011-3086", "CVE-2012-1132", "CVE-2012-3737", "CVE-2012-3617", "CVE-2011-3041", "CVE-2012-3613", "CVE-2011-3048", "CVE-2012-3589", "CVE-2011-3966", "CVE-2011-3034", "CVE-2012-3620", "CVE-2012-3679", "CVE-2012-3728", "CVE-2011-3067", "CVE-2012-3677", "CVE-2011-3924", "CVE-2012-3595", "CVE-2011-3042", "CVE-2011-3016", "CVE-2012-1142", "CVE-2012-3630", "CVE-2012-3735", "CVE-2011-3090", "CVE-2012-3683", "CVE-2012-3732", "CVE-2012-3691", "CVE-2012-3650", "CVE-2012-3640", "CVE-2012-3636", "CVE-2012-3599", "CVE-2012-1128", "CVE-2012-3624", "CVE-2012-1173", "CVE-2012-3629", "CVE-2011-3032", "CVE-2012-3672", "CVE-2012-3592", "CVE-2011-3037", "CVE-2011-2821", "CVE-2012-3627", "CVE-2011-1944", "CVE-2012-3615", "CVE-2012-3695", "CVE-2012-3742", "CVE-2011-3913", "CVE-2012-1129", "CVE-2012-3591", "CVE-2012-3608", "CVE-2011-3064", "CVE-2011-3027", "CVE-2012-3604", "CVE-2012-3730", "CVE-2012-3601", "CVE-2012-1143", "CVE-2011-3040", "CVE-2012-3739", "CVE-2012-3631", "CVE-2012-3597", "CVE-2011-3089", "CVE-2012-1137"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2012-09-19-1 iOS 6\r\n\r\niOS 6 is now available and addresses the following:\r\n\r\nCFNetwork\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of sensitive information\r\nDescription: An issue existed in CFNetwork&#39;s handling of malformed\r\nURLs. CFNetwork may send requests to an incorrect hostname, resulting\r\nin the disclosure of sensitive information. This issue was addressed\r\nthrough improvements to URL handling.\r\nCVE-ID\r\nCVE-2012-3724 : Erling Ellingsen of Facebook\r\n\r\nCoreGraphics\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities in FreeType\r\nDescription: Multiple vulnerabilities existed in FreeType, the most\r\nserious of which may lead to arbitrary code execution when processing\r\na maliciously crafted font. These issues were addressed by updating\r\nFreeType to version 2.4.9. Further information is available via the\r\nFreeType site at http://www.freetype.org/\r\nCVE-ID\r\nCVE-2012-1126\r\nCVE-2012-1127\r\nCVE-2012-1128\r\nCVE-2012-1129\r\nCVE-2012-1130\r\nCVE-2012-1131\r\nCVE-2012-1132\r\nCVE-2012-1133\r\nCVE-2012-1134\r\nCVE-2012-1135\r\nCVE-2012-1136\r\nCVE-2012-1137\r\nCVE-2012-1138\r\nCVE-2012-1139\r\nCVE-2012-1140\r\nCVE-2012-1141\r\nCVE-2012-1142\r\nCVE-2012-1143\r\nCVE-2012-1144\r\n\r\nCoreMedia\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An uninitialized memory access existed in the handling\r\nof Sorenson encoded movie files. This issue was addressed through\r\nimproved memory initialization.\r\nCVE-ID\r\nCVE-2012-3722 : Will Dormann of the CERT/CC\r\n\r\nDHCP\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A malicious Wi-Fi network may be able to determine networks\r\na device has previously accessed\r\nDescription: Upon connecting to a Wi-Fi network, iOS may broadcast\r\nMAC addresses of previously accessed networks per the DNAv4 protocol.\r\nThis issue was addressed by disabling DNAv4 on unencrypted Wi-Fi\r\nnetworks.\r\nCVE-ID\r\nCVE-2012-3725 : Mark Wuergler of Immunity, Inc.\r\n\r\nImageIO\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted TIFF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in libtiff&#39;s handling of\r\nThunderScan encoded TIFF images. This issue was addressed by updating\r\nlibtiff to version 3.9.5.\r\nCVE-ID\r\nCVE-2011-1167\r\n\r\nImageIO\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted PNG image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in libpng&#39;s\r\nhandling of PNG images. These issues were addressed through improved\r\nvalidation of PNG images.\r\nCVE-ID\r\nCVE-2011-3026 : Juri Aedla\r\nCVE-2011-3048\r\nCVE-2011-3328\r\n\r\nImageIO\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted JPEG image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A double free issue existed in ImageIO&#39;s handling of\r\nJPEG images. This issue was addressed through improved memory\r\nmanagement.\r\nCVE-ID\r\nCVE-2012-3726 : Phil of PKJE Consulting\r\n\r\nImageIO\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted TIFF image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An integer overflow issue existed in libTIFF&#39;s handling\r\nof TIFF images. This issue was addressed through improved validation\r\nof TIFF images.\r\nCVE-ID\r\nCVE-2012-1173 : Alexander Gavrun working with HP&#39;s Zero Day\r\nInitiative\r\n\r\nInternational Components for Unicode\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Applications that use ICU may be vulnerable to an unexpected\r\napplication termination or arbitrary code execution\r\nDescription: A stack buffer overflow existed in the handling of ICU\r\nlocale IDs. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2011-4599\r\n\r\nIPSec\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Loading a maliciously crafted racoon configuration file may\r\nlead to arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of racoon\r\nconfiguration files. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2012-3727 : iOS Jailbreak Dream Team\r\n\r\nKernel\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: An invalid pointer dereference issue existed in the\r\nkernel&#39;s handling of packet filter ioctls. This may allow an attacker\r\nto alter kernel memory. This issue was addressed through improved\r\nerror handling.\r\nCVE-ID\r\nCVE-2012-3728 : iOS Jailbreak Dream Team\r\n\r\nKernel\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An uninitialized memory access issue existed in the\r\nBerkeley Packet Filter interpreter, which led to the disclosure of\r\nmemory content. This issue was addressed through improved memory\r\ninitialization.\r\nCVE-ID\r\nCVE-2012-3729 : Dan Rosenberg\r\n\r\nlibxml\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted web page may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple vulnerabilities existed in libxml, the most\r\nserious of which may lead to an unexpected application termination or\r\narbitrary code execution. These issues were addressed by applying the\r\nrelevant upstream patches.\r\nCVE-ID\r\nCVE-2011-1944 : Chris Evans of Google Chrome Security Team\r\nCVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of\r\nChinese Academy of Sciences\r\nCVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of\r\nChinese Academy of Sciences\r\nCVE-2011-3919 : Juri Aedla\r\n\r\nMail\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Mail may present the wrong attachment in a message\r\nDescription: A logic issue existed in Mail&#39;s handling of\r\nattachments. If a subsequent mail attachment used the same Content-ID\r\nas a previous one, the previous attachment would be displayed, even\r\nin the case where the 2 mails originated from different senders. This\r\ncould facilitate some spoofing or phishing attacks. This issue was\r\naddressed through improved handling of attachments.\r\nCVE-ID\r\nCVE-2012-3730 : Angelo Prado of the salesforce.com Product Security\r\nTeam\r\n\r\nMail\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Email attachments may be read without user&#39;s passcode\r\nDescription: A logic issue existed in Mail&#39;s use of Data Protection\r\non email attachments. This issue was addressed by properly setting\r\nthe Data Protection class for email attachments.\r\nCVE-ID\r\nCVE-2012-3731 : Stephen Prairie of Travelers Insurance, Erich\r\nStuntebeck of AirWatch\r\n\r\nMail\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: An attacker may spoof the sender of a S/MIME signed message\r\nDescription: S/MIME signed messages displayed the untrusted &#39;From&#39;\r\naddress, instead of the name associated with the message signer&#39;s\r\nidentity. This issue was addressed by displaying the address\r\nassociated with the message signer&#39;s identity when it is available.\r\nCVE-ID\r\nCVE-2012-3732 : An anonymous researcher\r\n\r\nMessages\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A user may unintentionally disclose the existence of their\r\nemail addresses\r\nDescription: When a user had multiple email addresses associated\r\nwith iMessage, replying to a message may have resulted in the reply\r\nbeing sent from a different email address. This may disclose another\r\nemail address associated to the user&#39;s account. This issue was\r\naddressed by always replying from the email address the original\r\nmessage was sent to.\r\nCVE-ID\r\nCVE-2012-3733 : Rodney S. Foley of Gnomesoft, LLC\r\n\r\nOffice Viewer\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Unencrypted document data may be written to a temporary file\r\nDescription: An information disclosure issue existed in the support\r\nfor viewing Microsoft Office files. When viewing a document, the\r\nOffice Viewer would write a temporary file containing data from the\r\nviewed document to the temporary directory of the invoking process.\r\nFor an application that uses data protection or other encryption to\r\nprotect the user&#39;s files, this could lead to information\r\ndisclosure. This issue was addressed by avoiding creation of\r\ntemporary files when viewing Office documents.\r\nCVE-ID\r\nCVE-2012-3734 : Salvatore Cataudella of Open Systems Technologies\r\n\r\nOpenGL\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Applications that use OS X&#39;s OpenGL implementation may be\r\nvulnerable to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of GLSL compilation. These issues were addressed through\r\nimproved validation of GLSL shaders.\r\nCVE-ID\r\nCVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and\r\nMarc Schoenefeld of the Red Hat Security Response Team\r\n\r\nPasscode Lock\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A person with physical access to the device could briefly\r\nview the last used third-party app on a locked device\r\nDescription: A logic issue existed with the display of the &quot;Slide to\r\nPower Off&quot; slider on the lock screen. This issue was addressed\r\nthrough improved lock state management.\r\nCVE-ID\r\nCVE-2012-3735 : Chris Lawrence DBB\r\n\r\nPasscode Lock\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A person with physical access to the device may be able to\r\nbypass the screen lock\r\nDescription: A logic issue existed in the termination of FaceTime\r\ncalls from the lock screen. This issue was addressed through improved\r\nlock state management.\r\nCVE-ID\r\nCVE-2012-3736 : Ian Vitek of 2Secure AB\r\n\r\nPasscode Lock\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: All photos may be accessible at the lock screen\r\nDescription: A design issue existed in the support for viewing\r\nphotos that were taken at the lock screen. In order to determine\r\nwhich photos to permit access to, the passcode lock consulted the\r\ntime at which the device was locked and compared it to the time that\r\na photo was taken. By spoofing the current time, an attacker could\r\ngain access to photos that were taken before the device was locked.\r\nThis issues was addressed by explicitly keeping track of the photos\r\nthat were taken while the device was locked.\r\nCVE-ID\r\nCVE-2012-3737 : Ade Barkah of BlueWax Inc.\r\n\r\nPasscode Lock\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A person with physical access to a locked device may perform\r\nFaceTime calls\r\nDescription: A logic issue existed in the Emergency Dialer screen,\r\nwhich permitted FaceTime calls via Voice Dialing on the locked\r\ndevice. This could also disclose the user&#39;s contacts via contact\r\nsuggestions. This issue was addressed by disabling Voice Dialing on\r\nthe Emergency Dialer screen.\r\nCVE-ID\r\nCVE-2012-3738 : Ade Barkah of BlueWax Inc.\r\n\r\nPasscode Lock\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A person with physical access to the device may be able to\r\nbypass the screen lock\r\nDescription: Using the camera from the screen lock could in some\r\ncases interfere with automatic lock functionality, allowing a person\r\nwith physical access to the device to bypass the Passcode Lock\r\nscreen. This issue was addressed through improved lock state\r\nmanagement.\r\nCVE-ID\r\nCVE-2012-3739 : Sebastian Spanninger of the Austrian Federal\r\nComputing Centre &#40;BRZ&#41;\r\n\r\nPasscode Lock\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A person with physical access to the device may be able to\r\nbypass the screen lock\r\nDescription: A state management issue existed in the handling of the\r\nscreen lock. This issue was addressed through improved lock state\r\nmanagement.\r\nCVE-ID\r\nCVE-2012-3740 : Ian Vitek of 2Secure AB\r\n\r\nRestrictions\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A user may be able to make purchases without entering Apple\r\nID credentials\r\nDescription: After disabling Restrictions, iOS may not ask for the\r\nuser&#39;s password during a transaction. This issue was addressed by\r\nadditional enforcement of purchase authorization.\r\nCVE-ID\r\nCVE-2012-3741 : Kevin Makens of Redwood High School\r\n\r\nSafari\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Websites may use characters with an appearance similar to\r\nthe lock icon in their titles\r\nDescription: Websites could use a Unicode character to create a lock\r\nicon in the page title. This icon was similar in appearance to the\r\nicon used to indicate a secure connection, and could have lead the\r\nuser to believe a secure connection had been established. This issue\r\nwas addressed by removing these characters from page titles.\r\nCVE-ID\r\nCVE-2012-3742 : Boku Kihara of Lepidum\r\n\r\nSafari\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Passwords may autocomplete even when the site specifies that\r\nautocomplete should be disabled\r\nDescription: Password input elements with the autocomplete attribute\r\nset to &quot;off&quot; were being autocompleted. This issue was addressed\r\nthrough improved handling of the autocomplete attribute.\r\nCVE-ID\r\nCVE-2012-0680 : Dan Poltawski of Moodle\r\n\r\nSystem Logs\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Sandboxed apps may obtain system log content\r\nDescription: Sandboxed apps had read access to /var/log directory,\r\nwhich may allow them to obtain sensitive information contained in\r\nsystem logs. This issue was addressed by denying sandboxed apps\r\naccess to the /var/log directory.\r\nCVE-ID\r\nCVE-2012-3743\r\n\r\nTelephony\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: An SMS message may appear to have been sent by an arbitrary\r\nuser\r\nDescription: Messages displayed the return address of an SMS message\r\nas the sender. Return addresses may be spoofed. This issue was\r\naddressed by always displaying the originating address instead of the\r\nreturn address.\r\nCVE-ID\r\nCVE-2012-3744 : pod2g\r\n\r\nTelephony\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: An SMS message may disrupt cellular connectivity\r\nDescription: An off-by-one buffer overflow existed in the handling\r\nof SMS user data headers. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2012-3745 : pod2g\r\n\r\nUIKit\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: An attacker that gains access to a device&#39;s filesystem may\r\nbe able to read files that were being displayed in a UIWebView\r\nDescription: Applications that use UIWebView may leave unencrypted\r\nfiles on the file system even when a passcode is enabled. This issue\r\nwas addressed through improved use of data protection.\r\nCVE-ID\r\nCVE-2012-3746 : Ben Smith of Box\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2011-3016 : miaubiz\r\nCVE-2011-3021 : Arthur Gerkis\r\nCVE-2011-3027 : miaubiz\r\nCVE-2011-3032 : Arthur Gerkis\r\nCVE-2011-3034 : Arthur Gerkis\r\nCVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur\r\nGerkis\r\nCVE-2011-3036 : miaubiz\r\nCVE-2011-3037 : miaubiz\r\nCVE-2011-3038 : miaubiz\r\nCVE-2011-3039 : miaubiz\r\nCVE-2011-3040 : miaubiz\r\nCVE-2011-3041 : miaubiz\r\nCVE-2011-3042 : miaubiz\r\nCVE-2011-3043 : miaubiz\r\nCVE-2011-3044 : Arthur Gerkis\r\nCVE-2011-3050 : miaubiz\r\nCVE-2011-3053 : miaubiz\r\nCVE-2011-3059 : Arthur Gerkis\r\nCVE-2011-3060 : miaubiz\r\nCVE-2011-3064 : Atte Kettunen of OUSPG\r\nCVE-2011-3068 : miaubiz\r\nCVE-2011-3069 : miaubiz\r\nCVE-2011-3071 : pa_kt working with HP&#39;s Zero Day Initiative\r\nCVE-2011-3073 : Arthur Gerkis\r\nCVE-2011-3074 : Slawomir Blazek\r\nCVE-2011-3075 : miaubiz\r\nCVE-2011-3076 : miaubiz\r\nCVE-2011-3078 : Martin Barbella of the Google Chrome Security Team\r\nCVE-2011-3081 : miaubiz\r\nCVE-2011-3086 : Arthur Gerkis\r\nCVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz\r\nCVE-2011-3090 : Arthur Gerkis\r\nCVE-2011-3105 : miaubiz\r\nCVE-2011-3913 : Arthur Gerkis\r\nCVE-2011-3924 : Arthur Gerkis\r\nCVE-2011-3926 : Arthur Gerkis\r\nCVE-2011-3958 : miaubiz\r\nCVE-2011-3966 : Aki Helin of OUSPG\r\nCVE-2011-3968 : Arthur Gerkis\r\nCVE-2011-3969 : Arthur Gerkis\r\nCVE-2011-3971 : Arthur Gerkis\r\nCVE-2012-0682 : Apple Product Security\r\nCVE-2012-0683 : Dave Mandelin of Mozilla\r\nCVE-2012-1520 : Martin Barbella of the Google Chrome Security Team\r\nusing AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com\r\nworking with iDefense VCP\r\nCVE-2012-1521 : Skylined of the Google Chrome Security Team, Jose A.\r\nVazquez of spa-s3c.blogspot.com working with iDefense VCP\r\nCVE-2012-2818 : miaubiz\r\nCVE-2012-3589 : Dave Mandelin of Mozilla\r\nCVE-2012-3590 : Apple Product Security\r\nCVE-2012-3591 : Apple Product Security\r\nCVE-2012-3592 : Apple Product Security\r\nCVE-2012-3593 : Apple Product Security\r\nCVE-2012-3594 : miaubiz\r\nCVE-2012-3595 : Martin Barbella of Google Chrome Security\r\nCVE-2012-3596 : Skylined of the Google Chrome Security Team\r\nCVE-2012-3597 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3598 : Apple Product Security\r\nCVE-2012-3599 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3600 : David Levin of the Chromium development community\r\nCVE-2012-3601 : Martin Barbella of the Google Chrome Security Team\r\nusing AddressSanitizer\r\nCVE-2012-3602 : miaubiz\r\nCVE-2012-3603 : Apple Product Security\r\nCVE-2012-3604 : Skylined of the Google Chrome Security Team\r\nCVE-2012-3605 : Cris Neckar of the Google Chrome Security team\r\nCVE-2012-3608 : Skylined of the Google Chrome Security Team\r\nCVE-2012-3609 : Skylined of the Google Chrome Security Team\r\nCVE-2012-3610 : Skylined of the Google Chrome Security Team\r\nCVE-2012-3611 : Apple Product Security\r\nCVE-2012-3612 : Skylined of the Google Chrome Security Team\r\nCVE-2012-3613 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3614 : Yong Li of Research In Motion, Inc.\r\nCVE-2012-3615 : Stephen Chenney of the Chromium development community\r\nCVE-2012-3617 : Apple Product Security\r\nCVE-2012-3618 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3620 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3624 : Skylined of the Google Chrome Security Team\r\nCVE-2012-3625 : Skylined of Google Chrome Security Team\r\nCVE-2012-3626 : Apple Product Security\r\nCVE-2012-3627 : Skylined and Abhishek Arya &#40;Inferno&#41; of Google Chrome\r\nSecurity team\r\nCVE-2012-3628 : Apple Product Security\r\nCVE-2012-3629 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3630 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3631 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3633 : Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3634 : Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3635 : Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3636 : Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3637 : Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3638 : Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3639 : Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3640 : miaubiz\r\nCVE-2012-3641 : Slawomir Blazek\r\nCVE-2012-3642 : miaubiz\r\nCVE-2012-3644 : miaubiz\r\nCVE-2012-3645 : Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3646 : Julien Chaffraix of the Chromium development\r\ncommunity, Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3647 : Skylined of the Google Chrome Security Team\r\nCVE-2012-3648 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3651 : Abhishek Arya &#40;Inferno&#41; and Martin Barbella of the\r\nGoogle Chrome Security Team\r\nCVE-2012-3652 : Martin Barbella of Google Chrome Security Team\r\nCVE-2012-3653 : Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3655 : Skylined of the Google Chrome Security Team\r\nCVE-2012-3656 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3658 : Apple\r\nCVE-2012-3659 : Mario Gomes of netfuzzer.blogspot.com, Abhishek Arya\r\n&#40;Inferno&#41; of the Google Chrome Security Team\r\nCVE-2012-3660 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3661 : Apple Product Security\r\nCVE-2012-3663 : Skylined of Google Chrome Security Team\r\nCVE-2012-3664 : Thomas Sepez of the Chromium development community\r\nCVE-2012-3665 : Martin Barbella of Google Chrome Security Team using\r\nAddressSanitizer\r\nCVE-2012-3666 : Apple\r\nCVE-2012-3667 : Trevor Squires of propaneapp.com\r\nCVE-2012-3668 : Apple Product Security\r\nCVE-2012-3669 : Apple Product Security\r\nCVE-2012-3670 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam, Arthur Gerkis\r\nCVE-2012-3671 : Skylined and Martin Barbella of the Google Chrome\r\nSecurity Team\r\nCVE-2012-3672 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3673 : Abhishek Arya &#40;Inferno&#41; of the Google Chrome Security\r\nTeam\r\nCVE-2012-3674 : Skylined of Google Chrome Security Team\r\nCVE-2012-3676 : Julien Chaffraix of the Chromium development\r\ncommunity\r\nCVE-2012-3677 : Apple\r\nCVE-2012-3678 : Apple Product Security\r\nCVE-2012-3679 : Chris Leary of Mozilla\r\nCVE-2012-3680 : Skylined of Google Chrome Security Team\r\nCVE-2012-3681 : Apple\r\nCVE-2012-3682 : Adam Barth of the Google Chrome Security Team\r\nCVE-2012-3683 : wushi of team509 working with iDefense VCP\r\nCVE-2012-3684 : kuzzcc\r\nCVE-2012-3686 : Robin Cao of Torch Mobile &#40;Beijing&#41;\r\nCVE-2012-3703 : Apple Product Security\r\nCVE-2012-3704 : Skylined of the Google Chrome Security Team\r\nCVE-2012-3706 : Apple Product Security\r\nCVE-2012-3708 : Apple\r\nCVE-2012-3710 : James Robinson of Google\r\nCVE-2012-3747 : David Bloom of Cue\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\r\niPod touch &#40;3rd generation&#41; and later, iPad, iPad 2\r\nImpact: Visiting a maliciously crafted website may lead to a cross-\r\nsite disclosure of information\r\nDescription: A cross-origin issue existed in the handling of CSS\r\nproperty values. This issue was addressed through improved origin\r\ntracking.\r\nCVE-ID\r\nCVE-2012-3691 : Apple\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\r\niPod touch &#40;3rd generation&#41; and later, iPad, iPad 2\r\nImpact: A malicious website may be able to replace the contents of\r\nan iframe on another site\r\nDescription: A cross-origin issue existed in the handling of iframes\r\nin popup windows. This issue was addressed through improved origin\r\ntracking.\r\nCVE-ID\r\nCVE-2011-3067 : Sergey Glazunov\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\r\niPod touch &#40;3rd generation&#41; and later, iPad, iPad 2\r\nImpact: Visiting a maliciously crafted website may lead to a cross-\r\nsite disclosure of information\r\nDescription: A cross-origin issue existed in the handling of iframes\r\nand fragment identifiers. This issue was addressed through improved\r\norigin tracking.\r\nCVE-ID\r\nCVE-2012-2815 : Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt,\r\nand Dan Boneh of the Stanford University Security Laboratory\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Look-alike characters in a URL could be used to masquerade a\r\nwebsite\r\nDescription: The International Domain Name &#40;IDN&#41; support and Unicode\r\nfonts embedded in Safari could have been used to create a URL which\r\ncontains look-alike characters. These could have been used in a\r\nmalicious website to direct the user to a spoofed site that visually\r\nappears to be a legitimate domain. This issue was addressed by\r\nsupplementing WebKit&#39;s list of known look-alike characters. Look-\r\nalike characters are rendered in Punycode in the address bar.\r\nCVE-ID\r\nCVE-2012-3693 : Matt Cooley of Symantec\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to a cross-\r\nsite scripting attack\r\nDescription: A canonicalization issue existed in the handling of\r\nURLs. This may have led to cross-site scripting on sites which use\r\nthe location.href property. This issue was addressed through improved\r\ncanonicalization of URLs.\r\nCVE-ID\r\nCVE-2012-3695 : Masato Kinugawa\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to HTTP\r\nrequest splitting\r\nDescription: An HTTP header injection issue existed in the handling\r\nof WebSockets. This issue was addressed through improved WebSockets\r\nURI sanitization.\r\nCVE-ID\r\nCVE-2012-3696 : David Belcher of the BlackBerry Security Incident\r\nResponse Team\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: A maliciously crafted website may be able to spoof the value\r\nin the URL bar\r\nDescription: A state management issue existed in the handling of\r\nsession history. Navigations to a fragment on the current page may\r\ncause Safari to display incorrect information in the URL bar. This\r\nissue was addressed through improved session state tracking.\r\nCVE-ID\r\nCVE-2011-2845 : Jordi Chancel\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS and later,\r\niPod touch &#40;4th generation&#41; and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of the disclosure of memory contents\r\nDescription: An uninitialized memory access issue existed in the\r\nhandling of SVG images. This issue was addressed through improved\r\nmemory initialization.\r\nCVE-ID\r\nCVE-2012-3650 : Apple\r\n\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer&#39;s Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple&#39;s update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don&#39;t Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update will be &quot;6.0&quot;.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 &#40;Darwin&#41;\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJQWeYHAAoJEPefwLHPlZEwFlwP/1Ib/2m8K7orlPb3zmsKTyjo\r\n3T0rFqu1LbXNzwLRhan7E7KiJoQ7U6yVO4045o/19AYZM+zGVNnHsCkUc3+Vcpa5\r\nTZIM9Rik2iXKMxzttFfc5tvhE1u18PstsDLU/jvyW+s3XxMVL54wnSmW1R+P0de0\r\n8+Q++IANogUj+scJzQkTaFDNDN5v1p0BT0+cifCcqktXB4H/PoaQ7drIWiDGYB/9\r\nn4IL5AjM0BJBzWkldfjPimZ0BseSA0BxdeVCopmAgdnigyB60G4cWGzkU7E35VnP\r\ndWgdU9rnIIvGGe/vP912f7AoPtWs1b8n6DYCJgGRXvaRfPoHFUlXaRoVB6vJlMVs\r\nJXyMrw/RSDfYEgJdNbFOSxyJXHUkTkt4+aNW4KcoMR6raI/W5zKDyMEICw1wpkwP\r\nid6Dz4e6ncf+cfvAFqXpk02OC7iJqn71IJN2MvU/hC7797l++PINIoOHwJZolt+T\r\nxL3wV8p3Lk8K6lZx3Q9Tu6Dd7GYkxtjLCgV1NgdHOwPKDUOJ47oG6RjZAd6hpicp\r\nRqYXbk5bJpd3nZv+X6FrCZqGfeuwREWW7FJ0dI+/8ohlnisTz16f48W9FtuN3HIj\r\nbmxFJ46P4LGxrizwDSdBngxf3Utkh+7hGLuMH51/jR8+tCqDIEgpKBA+2F+IOmyP\r\nXtT4lS60xKz63YSg79dd\r\n=LvMt\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-09-24T00:00:00", "published": "2012-09-24T00:00:00", "id": "SECURITYVULNS:DOC:28576", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28576", "title": "APPLE-SA-2012-09-19-1 iOS 6", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2020-11-10T12:37:25", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4599"], "description": "**Issue Overview:**\n\nA stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially-crafted locale representation was opened in an application linked against ICU, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. ([CVE-2011-4599 __](<https://access.redhat.com/security/cve/CVE-2011-4599>))\n\n \n**Affected Packages:** \n\n\nicu\n\n \n**Issue Correction:** \nRun _yum update icu_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n libicu-4.2.1-9.9.amzn1.i686 \n icu-4.2.1-9.9.amzn1.i686 \n libicu-devel-4.2.1-9.9.amzn1.i686 \n icu-debuginfo-4.2.1-9.9.amzn1.i686 \n \n noarch: \n libicu-doc-4.2.1-9.9.amzn1.noarch \n \n src: \n icu-4.2.1-9.9.amzn1.src \n \n x86_64: \n icu-debuginfo-4.2.1-9.9.amzn1.x86_64 \n libicu-4.2.1-9.9.amzn1.x86_64 \n libicu-devel-4.2.1-9.9.amzn1.x86_64 \n icu-4.2.1-9.9.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2012-01-09T09:18:00", "published": "2012-01-09T09:18:00", "id": "ALAS-2012-033", "href": "https://alas.aws.amazon.com/ALAS-2012-33.html", "title": "Medium: icu", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:19:49", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4599"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2397-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 29, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : icu\nVulnerability : buffer underflow\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-4599 \n\nIt was discovered that a buffer overflow in the Unicode libraray ICU\ncould lead to the execution of arbitrary code.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 3.8.1-3+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 4.4.1-8.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 4.8.1.1-3.\n\nWe recommend that you upgrade your icu packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2012-01-29T12:57:08", "published": "2012-01-29T12:57:08", "id": "DEBIAN:DSA-2397-1:E10AA", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00021.html", "title": "[SECURITY] [DSA 2397-1] icu security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:59", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4599"], "description": "[4.2.1-9.1]\r\n- Resolves: rhbz#766539 CVE-2011-4599 localeID overflow", "edition": 4, "modified": "2011-12-13T00:00:00", "published": "2011-12-13T00:00:00", "id": "ELSA-2011-1815", "href": "http://linux.oracle.com/errata/ELSA-2011-1815.html", "title": "icu security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}