ID FEDORA_2015-16315.NASL Type nessus Reporter This script is Copyright (C) 2015-2021 Tenable Network Security, Inc. Modified 2015-09-24T00:00:00
Description
Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923
CVE-2014-7926 CVE-2014-9654
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2015-16315.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(86111);
script_version("2.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2014-6585", "CVE-2014-6591", "CVE-2014-7923", "CVE-2014-7926", "CVE-2014-9654");
script_xref(name:"FEDORA", value:"2015-16315");
script_name(english:"Fedora 23 : icu-54.1-5.fc23 (2015-16315)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923
CVE-2014-7926 CVE-2014-9654
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1183645"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1183646"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1185202"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1185205"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1190129"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2015-September/167377.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?58408625"
);
script_set_attribute(attribute:"solution", value:"Update the affected icu package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:icu");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:23");
script_set_attribute(attribute:"patch_publication_date", value:"2015/09/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/24");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^23([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 23.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC23", reference:"icu-54.1-5.fc23")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "icu");
}
{"id": "FEDORA_2015-16315.NASL", "bulletinFamily": "scanner", "title": "Fedora 23 : icu-54.1-5.fc23 (2015-16315)", "description": "Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923\nCVE-2014-7926 CVE-2014-9654\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2015-09-24T00:00:00", "modified": "2015-09-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/86111", "reporter": "This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1183645", "http://www.nessus.org/u?58408625", "https://bugzilla.redhat.com/show_bug.cgi?id=1185205", "https://bugzilla.redhat.com/show_bug.cgi?id=1190129", "https://bugzilla.redhat.com/show_bug.cgi?id=1185202", "https://bugzilla.redhat.com/show_bug.cgi?id=1183646"], "cvelist": ["CVE-2014-7923", "CVE-2014-6585", "CVE-2014-9654", "CVE-2014-7926", "CVE-2014-6591"], "type": "nessus", "lastseen": "2021-01-12T10:13:23", "edition": 18, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "fedora", "idList": ["FEDORA:D1E11620D217", "FEDORA:456376058289", "FEDORA:B72AB60A6822", "FEDORA:DE02E608A49F", "FEDORA:DDCDA60582B7", "FEDORA:00D0E60BD9AA"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310842118", "OPENVAS:1361412562310703187", "OPENVAS:703187", "OPENVAS:1361412562310869313", "OPENVAS:1361412562310842117", "OPENVAS:1361412562310806130", "OPENVAS:1361412562310869314", "OPENVAS:1361412562310869156", "OPENVAS:1361412562310842122", "OPENVAS:1361412562310121360"]}, {"type": "nessus", "idList": ["FEDORA_2015-6087.NASL", "UBUNTU_USN-2522-1.NASL", "UBUNTU_USN-2522-2.NASL", "MANDRIVA_MDVSA-2015-161.NASL", "UBUNTU_USN-2522-3.NASL", "DEBIAN_DSA-3187.NASL", "GENTOO_GLSA-201503-06.NASL", "FEDORA_2015-6084.NASL", "FEDORA_2015-16314.NASL", "DEBIAN_DLA-219.NASL"]}, {"type": "cve", "idList": ["CVE-2014-6591", "CVE-2014-7926", "CVE-2014-9654", "CVE-2014-6585", "CVE-2014-7923"]}, {"type": "gentoo", "idList": ["GLSA-201503-06"]}, {"type": "ubuntu", "idList": ["USN-2522-3", "USN-2522-2", "USN-2522-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3144-1:1ABE5", "DEBIAN:DSA-3187-1:97BB3", "DEBIAN:DLA-157-1:370F5", "DEBIAN:DLA-219-1:C7AC1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14291", "SECURITYVULNS:DOC:31765"]}, {"type": "redhat", "idList": ["RHSA-2015:0067", "RHSA-2015:0136", "RHSA-2015:0085", "RHSA-2015:0068"]}, {"type": "f5", "idList": ["SOL16352", "F5:K16352"]}, {"type": "centos", "idList": ["CESA-2015:0067", "CESA-2015:0085"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-0068"]}, {"type": "amazon", "idList": ["ALAS-2015-471"]}], "modified": "2021-01-12T10:13:23", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-01-12T10:13:23", "rev": 2}, "vulnersScore": 5.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-16315.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86111);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-9654\");\n script_xref(name:\"FEDORA\", value:\"2015-16315\");\n\n script_name(english:\"Fedora 23 : icu-54.1-5.fc23 (2015-16315)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923\nCVE-2014-7926 CVE-2014-9654\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1183645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1183646\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1190129\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-September/167377.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?58408625\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected icu package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"icu-54.1-5.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "86111", "cpe": ["p-cpe:/a:fedoraproject:fedora:icu", "cpe:/o:fedoraproject:fedora:23"], "scheme": null, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}
{"openvas": [{"lastseen": "2019-05-29T18:36:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-6585", "CVE-2014-9654", "CVE-2014-7926", "CVE-2014-6591"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-04-29T00:00:00", "id": "OPENVAS:1361412562310869313", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869313", "type": "openvas", "title": "Fedora Update for icu FEDORA-2015-6084", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for icu FEDORA-2015-6084\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869313\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-04-29 05:27:23 +0200 (Wed, 29 Apr 2015)\");\n script_cve_id(\"CVE-2014-9654\", \"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-6585\",\n \"CVE-2014-6591\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for icu FEDORA-2015-6084\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"icu on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-6084\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-April/156235.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~50.1.2~12.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-6585", "CVE-2014-9654", "CVE-2014-7926", "CVE-2014-6591"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-04-29T00:00:00", "id": "OPENVAS:1361412562310869314", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869314", "type": "openvas", "title": "Fedora Update for icu FEDORA-2015-6087", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for icu FEDORA-2015-6087\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869314\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-04-29 05:27:30 +0200 (Wed, 29 Apr 2015)\");\n script_cve_id(\"CVE-2014-9654\", \"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-6585\",\n \"CVE-2014-6591\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for icu FEDORA-2015-6087\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"icu on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-6087\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-April/156237.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~52.1~6.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-6585", "CVE-2014-9654", "CVE-2014-7926", "CVE-2014-6591"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-10-14T00:00:00", "id": "OPENVAS:1361412562310806130", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806130", "type": "openvas", "title": "Fedora Update for icu FEDORA-2015-16314", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for icu FEDORA-2015-16314\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806130\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-14 08:03:55 +0200 (Wed, 14 Oct 2015)\");\n script_cve_id(\"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-9654\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for icu FEDORA-2015-16314\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"icu on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-16314\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-October/169316.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~54.1~4.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-7940", "CVE-2014-9654", "CVE-2014-7926"], "description": "Gentoo Linux Local Security Checks GLSA 201503-06", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121360", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121360", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201503-06", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201503-06.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121360\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:39 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201503-06\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in ICU. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201503-06\");\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-7940\", \"CVE-2014-9654\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201503-06\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-libs/icu\", unaffected: make_list(\"ge 54.1-r1\"), vulnerable: make_list(\"lt 54.1-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-03-06T00:00:00", "id": "OPENVAS:1361412562310842117", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842117", "type": "openvas", "title": "Ubuntu Update for icu USN-2522-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for icu USN-2522-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842117\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-06 06:51:21 +0100 (Fri, 06 Mar 2015)\");\n script_cve_id(\"CVE-2013-1569\", \"CVE-2013-2383\", \"CVE-2013-2384\", \"CVE-2013-2419\",\n \"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\",\n \"CVE-2014-9654\", \"CVE-2014-7940\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for icu USN-2522-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that ICU incorrectly\nhandled memory operations when processing fonts. If an application using ICU\nprocessed crafted data, an attacker could cause it to crash or potentially\nexecute arbitrary code with the privileges of the user invoking the program.\nThis issue only affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383,\nCVE-2013-2384, CVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data, an\nattacker could cause it to crash or potentially execute arbitrary code with\nthe privileges of the user invoking the program. (CVE-2014-6585,\nCVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing regular expressions. If an application using ICU processed\ncrafted data, an attacker could cause it to crash or potentially execute\narbitrary code with the privileges of the user invoking the program.\n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation incorrectly handled\nmemory operations. If an application using ICU processed crafted data, an\nattacker could cause it to crash or potentially execute arbitrary code with\nthe privileges of the user invoking the program. (CVE-2014-7940)\");\n script_tag(name:\"affected\", value:\"icu on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2522-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2522-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu52:amd64\", ver:\"52.1-6ubuntu0.2\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libicu52:i386\", ver:\"52.1-6ubuntu0.2\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu52:amd64\", ver:\"52.1-3ubuntu0.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libicu52:i386\", ver:\"52.1-3ubuntu0.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu48\", ver:\"4.8.1.1-3ubuntu0.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-03-07T00:00:00", "id": "OPENVAS:1361412562310842118", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842118", "type": "openvas", "title": "Ubuntu Update for icu USN-2522-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for icu USN-2522-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842118\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-07 07:05:23 +0100 (Sat, 07 Mar 2015)\");\n script_cve_id(\"CVE-2013-1569\", \"CVE-2013-2383\", \"CVE-2013-2384\", \"CVE-2013-2419\",\n \"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\",\n \"CVE-2014-9654\", \"CVE-2014-7940\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for icu USN-2522-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-2522-1 fixed vulnerabilities in ICU. On\nUbuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc.\nThe patches have been temporarily backed out until the regression is investigated.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data, an\nattacker could cause it to crash or potentially execute arbitrary code with\nthe privileges of the user invoking the program. This issue only affected\nUbuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,\nCVE-2013-2419)\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data, an\nattacker could cause it to crash or potentially execute arbitrary code with\nthe privileges of the user invoking the program. (CVE-2014-6585,\nCVE-2014-6591)\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing regular expressions. If an application using ICU processed\ncrafted data, an attacker could cause it to crash or potentially execute\narbitrary code with the privileges of the user invoking the program.\n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\nIt was discovered that ICU collator implementation incorrectly handled\nmemory operations. If an application using ICU processed crafted data, an\nattacker could cause it to crash or potentially execute arbitrary code with\nthe privileges of the user invoking the program. (CVE-2014-7940)\");\n script_tag(name:\"affected\", value:\"icu on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2522-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2522-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu48\", ver:\"4.8.1.1-3ubuntu0.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "Several vulnerabilities were discovered\nin the International Components for Unicode (ICU) library.\n\nCVE-2013-1569\nGlyph table issue.\n\nCVE-2013-2383\nGlyph table issue.\n\nCVE-2013-2384\nFont layout issue.\n\nCVE-2013-2419\nFont processing issue.\n\nCVE-2014-6585\nOut-of-bounds read.\n\nCVE-2014-6591\nAdditional out-of-bounds reads.\n\nCVE-2014-7923\nMemory corruption in regular expression comparison.\n\nCVE-2014-7926\nMemory corruption in regular expression comparison.\n\nCVE-2014-7940\nUninitialized memory.\n\nCVE-2014-9654\nMore regular expression flaws.", "modified": "2019-03-18T00:00:00", "published": "2015-03-15T00:00:00", "id": "OPENVAS:1361412562310703187", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703187", "type": "openvas", "title": "Debian Security Advisory DSA 3187-1 (icu - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3187.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3187-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703187\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2013-1569\", \"CVE-2013-2383\", \"CVE-2013-2384\", \"CVE-2013-2419\",\n \"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\",\n \"CVE-2014-7940\", \"CVE-2014-9654\");\n script_name(\"Debian Security Advisory DSA 3187-1 (icu - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-15 00:00:00 +0100 (Sun, 15 Mar 2015)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3187.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"icu on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy),\nthese problems have been fixed in version 4.8.1.1-12+deb7u2.\n\nFor the upcoming stable (jessie) and unstable (sid) distributions, these\nproblems have been fixed in version 52.1-7.1.\n\nWe recommend that you upgrade your icu packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered\nin the International Components for Unicode (ICU) library.\n\nCVE-2013-1569\nGlyph table issue.\n\nCVE-2013-2383\nGlyph table issue.\n\nCVE-2013-2384\nFont layout issue.\n\nCVE-2013-2419\nFont processing issue.\n\nCVE-2014-6585\nOut-of-bounds read.\n\nCVE-2014-6591\nAdditional out-of-bounds reads.\n\nCVE-2014-7923\nMemory corruption in regular expression comparison.\n\nCVE-2014-7926\nMemory corruption in regular expression comparison.\n\nCVE-2014-7940\nUninitialized memory.\n\nCVE-2014-9654\nMore regular expression flaws.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"4.8.1.1-12+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu-dev\", ver:\"4.8.1.1-12+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu48:amd64\", ver:\"4.8.1.1-12+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu48:i386\", ver:\"4.8.1.1-12+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu48-dbg\", ver:\"4.8.1.1-12+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-03-11T00:00:00", "id": "OPENVAS:1361412562310842122", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842122", "type": "openvas", "title": "Ubuntu Update for icu USN-2522-3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for icu USN-2522-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842122\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-11 06:40:08 +0100 (Wed, 11 Mar 2015)\");\n script_cve_id(\"CVE-2013-1569\", \"CVE-2013-2383\", \"CVE-2013-2384\", \"CVE-2013-2419\",\n \"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\",\n \"CVE-2014-9654\", \"CVE-2014-7940\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for icu USN-2522-3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-2522-1 fixed vulnerabilities in ICU.\nOn Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice\nCalc. The patches have now been updated to fix the regression.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data, an\nattacker could cause it to crash or potentially execute arbitrary code with\nthe privileges of the user invoking the program. This issue only affected\nUbuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,\nCVE-2013-2419)\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data, an\nattacker could cause it to crash or potentially execute arbitrary code with\nthe privileges of the user invoking the program. (CVE-2014-6585,\nCVE-2014-6591)\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing regular expressions. If an application using ICU processed\ncrafted data, an attacker could cause it to crash or potentially execute\narbitrary code with the privileges of the user invoking the program.\n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\nIt was discovered that ICU collator implementation incorrectly handled\nmemory operations. If an application using ICU processed crafted data, an\nattacker could cause it to crash or potentially execute arbitrary code with\nthe privileges of the user invoking the program. (CVE-2014-7940)\");\n script_tag(name:\"affected\", value:\"icu on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2522-3\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2522-3/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu48\", ver:\"4.8.1.1-3ubuntu0.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:53:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "Several vulnerabilities were discovered\nin the International Components for Unicode (ICU) library.\n\nCVE-2013-1569 \nGlyph table issue.\n\nCVE-2013-2383 \nGlyph table issue.\n\nCVE-2013-2384 \nFont layout issue.\n\nCVE-2013-2419 \nFont processing issue.\n\nCVE-2014-6585 \nOut-of-bounds read.\n\nCVE-2014-6591 \nAdditional out-of-bounds reads.\n\nCVE-2014-7923 \nMemory corruption in regular expression comparison.\n\nCVE-2014-7926 \nMemory corruption in regular expression comparison.\n\nCVE-2014-7940 \nUninitialized memory.\n\nCVE-2014-9654 \nMore regular expression flaws.", "modified": "2017-07-07T00:00:00", "published": "2015-03-15T00:00:00", "id": "OPENVAS:703187", "href": "http://plugins.openvas.org/nasl.php?oid=703187", "type": "openvas", "title": "Debian Security Advisory DSA 3187-1 (icu - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3187.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3187-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703187);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2013-1569\", \"CVE-2013-2383\", \"CVE-2013-2384\", \"CVE-2013-2419\",\n \"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\",\n \"CVE-2014-7940\", \"CVE-2014-9654\");\n script_name(\"Debian Security Advisory DSA 3187-1 (icu - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-03-15 00:00:00 +0100 (Sun, 15 Mar 2015)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3187.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"icu on Debian Linux\");\n script_tag(name: \"insight\", value: \"ICU is a C++ and C library that\nprovides robust and full-featured Unicode and locale support.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthese problems have been fixed in version 4.8.1.1-12+deb7u2.\n\nFor the upcoming stable (jessie) and unstable (sid) distributions, these\nproblems have been fixed in version 52.1-7.1.\n\nWe recommend that you upgrade your icu packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered\nin the International Components for Unicode (ICU) library.\n\nCVE-2013-1569 \nGlyph table issue.\n\nCVE-2013-2383 \nGlyph table issue.\n\nCVE-2013-2384 \nFont layout issue.\n\nCVE-2013-2419 \nFont processing issue.\n\nCVE-2014-6585 \nOut-of-bounds read.\n\nCVE-2014-6591 \nAdditional out-of-bounds reads.\n\nCVE-2014-7923 \nMemory corruption in regular expression comparison.\n\nCVE-2014-7926 \nMemory corruption in regular expression comparison.\n\nCVE-2014-7940 \nUninitialized memory.\n\nCVE-2014-9654 \nMore regular expression flaws.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"4.8.1.1-12+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu-dev\", ver:\"4.8.1.1-12+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu48:amd64\", ver:\"4.8.1.1-12+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu48:i386\", ver:\"4.8.1.1-12+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu48-dbg\", ver:\"4.8.1.1-12+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6585", "CVE-2014-6591"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-04-03T00:00:00", "id": "OPENVAS:1361412562310869156", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869156", "type": "openvas", "title": "Fedora Update for icu FEDORA-2015-3569", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for icu FEDORA-2015-3569\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869156\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-04-03 05:08:15 +0200 (Fri, 03 Apr 2015)\");\n script_cve_id(\"CVE-2014-6585\", \"CVE-2014-6591\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for icu FEDORA-2015-3569\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"icu on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-3569\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-April/154190.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~52.1~5.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2021-01-12T10:13:23", "description": "Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923\nCVE-2014-7926 CVE-2014-9654\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-10-14T00:00:00", "title": "Fedora 22 : icu-54.1-4.fc22 (2015-16314)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-6585", "CVE-2014-9654", "CVE-2014-7926", "CVE-2014-6591"], "modified": "2015-10-14T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:22", "p-cpe:/a:fedoraproject:fedora:icu"], "id": "FEDORA_2015-16314.NASL", "href": "https://www.tenable.com/plugins/nessus/86376", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-16314.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86376);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-9654\");\n script_xref(name:\"FEDORA\", value:\"2015-16314\");\n\n script_name(english:\"Fedora 22 : icu-54.1-4.fc22 (2015-16314)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923\nCVE-2014-7926 CVE-2014-9654\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1183645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1183646\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1190129\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-October/169316.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?146a1099\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected icu package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"icu-54.1-4.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:13:40", "description": "Security fix for CVE-2014-9654, CVE-2014-7923, CVE-2014-7926\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-04-29T00:00:00", "title": "Fedora 21 : icu-52.1-6.fc21 (2015-6087)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-9654", "CVE-2014-7926"], "modified": "2015-04-29T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:21", "p-cpe:/a:fedoraproject:fedora:icu"], "id": "FEDORA_2015-6087.NASL", "href": "https://www.tenable.com/plugins/nessus/83123", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-6087.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83123);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-9654\");\n script_xref(name:\"FEDORA\", value:\"2015-6087\");\n\n script_name(english:\"Fedora 21 : icu-52.1-6.fc21 (2015-6087)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2014-9654, CVE-2014-7923, CVE-2014-7926\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1190129\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-April/156237.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d88d163d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected icu package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"icu-52.1-6.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:13:40", "description": "Security fix for CVE-2014-9654, CVE-2014-7923, CVE-2014-7926\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-04-29T00:00:00", "title": "Fedora 20 : icu-50.1.2-12.fc20 (2015-6084)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-9654", "CVE-2014-7926"], "modified": "2015-04-29T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:20", "p-cpe:/a:fedoraproject:fedora:icu"], "id": "FEDORA_2015-6084.NASL", "href": "https://www.tenable.com/plugins/nessus/83122", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-6084.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83122);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-9654\");\n script_xref(name:\"FEDORA\", value:\"2015-6084\");\n\n script_name(english:\"Fedora 20 : icu-50.1.2-12.fc20 (2015-6084)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2014-9654, CVE-2014-7923, CVE-2014-7926\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1190129\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-April/156235.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?170fc708\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected icu package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"icu-50.1.2-12.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T11:51:46", "description": "Updated icu packages fix security vulnerabilities :\n\nThe Regular Expressions package in International Components for\nUnicode (ICU) 52 before SVN revision 292944 allows remote attackers to\ncause a denial of service (memory corruption) or possibly have\nunspecified other impact via vectors related to a zero-length\nquantifier or look-behind expression (CVE-2014-7923, CVE-2014-7926).\n\nThe collator implementation in i18n/ucol.cpp in International\nComponents for Unicode (ICU) 52 through SVN revision 293126 does not\ninitialize memory for a data structure, which allows remote attackers\nto cause a denial of service or possibly have unspecified other impact\nvia a crafted character sequence (CVE-2014-7940).\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program\n(CVE-2014-6585, CVE-2014-6591).", "edition": 25, "published": "2015-03-30T00:00:00", "title": "Mandriva Linux Security Advisory : icu (MDVSA-2015:161-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-7926", "CVE-2014-6591"], "modified": "2015-03-30T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:icu-doc", "cpe:/o:mandriva:business_server:2", "p-cpe:/a:mandriva:linux:icu-data", "p-cpe:/a:mandriva:linux:lib64icu-devel", "p-cpe:/a:mandriva:linux:lib64icu48", "p-cpe:/a:mandriva:linux:lib64icu52", "p-cpe:/a:mandriva:linux:icu"], "id": "MANDRIVA_MDVSA-2015-161.NASL", "href": "https://www.tenable.com/plugins/nessus/82414", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:161. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82414);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2014-6585\",\n \"CVE-2014-6591\",\n \"CVE-2014-7923\",\n \"CVE-2014-7926\",\n \"CVE-2014-7940\"\n );\n script_bugtraq_id(\n 72173,\n 72175,\n 72288\n );\n script_xref(name:\"MDVSA\", value:\"2015:161\");\n script_xref(name:\"MDVSA\", value:\"2015:161-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : icu (MDVSA-2015:161-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated icu packages fix security vulnerabilities :\n\nThe Regular Expressions package in International Components for\nUnicode (ICU) 52 before SVN revision 292944 allows remote attackers to\ncause a denial of service (memory corruption) or possibly have\nunspecified other impact via vectors related to a zero-length\nquantifier or look-behind expression (CVE-2014-7923, CVE-2014-7926).\n\nThe collator implementation in i18n/ucol.cpp in International\nComponents for Unicode (ICU) 52 through SVN revision 293126 does not\ninitialize memory for a data structure, which allows remote attackers\nto cause a denial of service or possibly have unspecified other impact\nvia a crafted character sequence (CVE-2014-7940).\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program\n(CVE-2014-6585, CVE-2014-6591).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2015-0047.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2015-0102.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:icu-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:icu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64icu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64icu48\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64icu52\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"icu-4.8.1.1-3.2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"icu-doc-4.8.1.1-3.2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64icu-devel-4.8.1.1-3.2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64icu48-4.8.1.1-3.2.mbs1\")) flag++;\n\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"icu-52.1-2.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"icu-data-52.1-2.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"icu-doc-52.1-2.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64icu-devel-52.1-2.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64icu52-52.1-2.1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T11:04:33", "description": "The remote host is affected by the vulnerability described in GLSA-201503-06\n(ICU: Multiple Vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ICU. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can cause Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-03-24T00:00:00", "title": "GLSA-201503-06 : ICU: Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-7940", "CVE-2014-9654", "CVE-2014-7926"], "modified": "2015-03-24T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:icu"], "id": "GENTOO_GLSA-201503-06.NASL", "href": "https://www.tenable.com/plugins/nessus/82005", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201503-06.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82005);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-7940\", \"CVE-2014-9654\");\n script_bugtraq_id(72288, 72980);\n script_xref(name:\"GLSA\", value:\"201503-06\");\n\n script_name(english:\"GLSA-201503-06 : ICU: Multiple Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201503-06\n(ICU: Multiple Vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ICU. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can cause Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201503-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ICU users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/icu-54.1-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:X/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/icu\", unaffected:make_list(\"ge 54.1-r1\"), vulnerable:make_list(\"lt 54.1-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ICU\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-23T18:55:09", "description": "USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font\npatches caused a regression when using LibreOffice Calc. The patches\nhave now been updated to fix the regression.\n\nWe apologize for the inconvenience.\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program. This issue\nonly affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383,\nCVE-2013-2384, CVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory\noperations when processing fonts. If an application using\nICU processed crafted data, an attacker could cause it to\ncrash or potentially execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-6585,\nCVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory\noperations when processing regular expressions. If an\napplication using ICU processed crafted data, an attacker\ncould cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation\nincorrectly handled memory operations. If an application\nusing ICU processed crafted data, an attacker could cause it\nto crash or potentially execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-7940).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-03-11T00:00:00", "title": "Ubuntu 12.04 LTS : icu vulnerabilities (USN-2522-3)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-03-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libicu48", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2522-3.NASL", "href": "https://www.tenable.com/plugins/nessus/81754", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2522-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81754);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2013-1569\", \"CVE-2013-2383\", \"CVE-2013-2384\", \"CVE-2013-2419\", \"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-7940\", \"CVE-2014-9654\");\n script_bugtraq_id(59131, 59166, 59179, 59190, 72173, 72175);\n script_xref(name:\"USN\", value:\"2522-3\");\n\n script_name(english:\"Ubuntu 12.04 LTS : icu vulnerabilities (USN-2522-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font\npatches caused a regression when using LibreOffice Calc. The patches\nhave now been updated to fix the regression.\n\nWe apologize for the inconvenience.\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program. This issue\nonly affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383,\nCVE-2013-2384, CVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory\noperations when processing fonts. If an application using\nICU processed crafted data, an attacker could cause it to\ncrash or potentially execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-6585,\nCVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory\noperations when processing regular expressions. If an\napplication using ICU processed crafted data, an attacker\ncould cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation\nincorrectly handled memory operations. If an application\nusing ICU processed crafted data, an attacker could cause it\nto crash or potentially execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-7940).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2522-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libicu48 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:X/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libicu48\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libicu48\", pkgver:\"4.8.1.1-3ubuntu0.5\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libicu48\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-23T18:55:09", "description": "It was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program. This issue\nonly affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383,\nCVE-2013-2384, CVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2014-6585, CVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing regular expressions. If an application using ICU processed\ncrafted data, an attacker could cause it to crash or potentially\nexecute arbitrary code with the privileges of the user invoking the\nprogram. (CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation incorrectly handled\nmemory operations. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2014-7940).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-03-06T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : icu vulnerabilities (USN-2522-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-03-06T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libicu48", "cpe:/o:canonical:ubuntu_linux:14.10", "p-cpe:/a:canonical:ubuntu_linux:libicu52", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2522-1.NASL", "href": "https://www.tenable.com/plugins/nessus/81668", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2522-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81668);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2013-1569\", \"CVE-2013-2383\", \"CVE-2013-2384\", \"CVE-2013-2419\", \"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-7940\", \"CVE-2014-9654\");\n script_bugtraq_id(59131, 59166, 59179, 59190, 72173, 72175, 72288);\n script_xref(name:\"USN\", value:\"2522-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : icu vulnerabilities (USN-2522-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program. This issue\nonly affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383,\nCVE-2013-2384, CVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2014-6585, CVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing regular expressions. If an application using ICU processed\ncrafted data, an attacker could cause it to crash or potentially\nexecute arbitrary code with the privileges of the user invoking the\nprogram. (CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation incorrectly handled\nmemory operations. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2014-7940).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2522-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libicu48 and / or libicu52 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libicu48\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libicu52\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libicu48\", pkgver:\"4.8.1.1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libicu52\", pkgver:\"52.1-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libicu52\", pkgver:\"52.1-6ubuntu0.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libicu48 / libicu52\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-23T18:55:09", "description": "USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font\npatches caused a regression when using LibreOffice Calc. The patches\nhave been temporarily backed out until the regression is investigated.\n\nWe apologize for the inconvenience.\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program. This issue\nonly affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383,\nCVE-2013-2384, CVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory\noperations when processing fonts. If an application using\nICU processed crafted data, an attacker could cause it to\ncrash or potentially execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-6585,\nCVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory\noperations when processing regular expressions. If an\napplication using ICU processed crafted data, an attacker\ncould cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation\nincorrectly handled memory operations. If an application\nusing ICU processed crafted data, an attacker could cause it\nto crash or potentially execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-7940).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-03-09T00:00:00", "title": "Ubuntu 12.04 LTS : icu regression (USN-2522-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-03-09T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libicu48", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2522-2.NASL", "href": "https://www.tenable.com/plugins/nessus/81698", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2522-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81698);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2013-1569\", \"CVE-2013-2383\", \"CVE-2013-2384\", \"CVE-2013-2419\", \"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-7940\", \"CVE-2014-9654\");\n script_bugtraq_id(59131, 59166, 59179, 59190, 72173, 72175, 72288, 72980);\n script_xref(name:\"USN\", value:\"2522-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : icu regression (USN-2522-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font\npatches caused a regression when using LibreOffice Calc. The patches\nhave been temporarily backed out until the regression is investigated.\n\nWe apologize for the inconvenience.\n\nIt was discovered that ICU incorrectly handled memory operations when\nprocessing fonts. If an application using ICU processed crafted data,\nan attacker could cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program. This issue\nonly affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383,\nCVE-2013-2384, CVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory\noperations when processing fonts. If an application using\nICU processed crafted data, an attacker could cause it to\ncrash or potentially execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-6585,\nCVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory\noperations when processing regular expressions. If an\napplication using ICU processed crafted data, an attacker\ncould cause it to crash or potentially execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation\nincorrectly handled memory operations. If an application\nusing ICU processed crafted data, an attacker could cause it\nto crash or potentially execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-7940).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2522-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libicu48 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libicu48\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libicu48\", pkgver:\"4.8.1.1-3ubuntu0.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libicu48\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:49:00", "description": "Several vulnerabilities were discovered in the International\nComponents for Unicode (ICU) library.\n\n - CVE-2013-1569\n Glyph table issue.\n\n - CVE-2013-2383\n Glyph table issue.\n\n - CVE-2013-2384\n Font layout issue.\n\n - CVE-2013-2419\n Font processing issue.\n\n - CVE-2014-6585\n Out-of-bounds read.\n\n - CVE-2014-6591\n Additional out-of-bounds reads.\n\n - CVE-2014-7923\n Memory corruption in regular expression comparison.\n\n - CVE-2014-7926\n Memory corruption in regular expression comparison.\n\n - CVE-2014-7940\n Uninitialized memory.\n\n - CVE-2014-9654\n More regular expression flaws.", "edition": 16, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-03-17T00:00:00", "title": "Debian DSA-3187-1 : icu - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-03-17T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:icu", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3187.NASL", "href": "https://www.tenable.com/plugins/nessus/81831", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3187. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81831);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1569\", \"CVE-2013-2383\", \"CVE-2013-2384\", \"CVE-2013-2419\", \"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-7940\", \"CVE-2014-9654\");\n script_bugtraq_id(59131, 59166, 59179, 59190, 72173, 72175);\n script_xref(name:\"DSA\", value:\"3187\");\n\n script_name(english:\"Debian DSA-3187-1 : icu - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in the International\nComponents for Unicode (ICU) library.\n\n - CVE-2013-1569\n Glyph table issue.\n\n - CVE-2013-2383\n Glyph table issue.\n\n - CVE-2013-2384\n Font layout issue.\n\n - CVE-2013-2419\n Font processing issue.\n\n - CVE-2014-6585\n Out-of-bounds read.\n\n - CVE-2014-6591\n Additional out-of-bounds reads.\n\n - CVE-2014-7923\n Memory corruption in regular expression comparison.\n\n - CVE-2014-7926\n Memory corruption in regular expression comparison.\n\n - CVE-2014-7940\n Uninitialized memory.\n\n - CVE-2014-9654\n More regular expression flaws.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775884\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776264\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776719\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-1569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2419\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-6585\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-6591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-7923\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-7926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-7940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9654\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/icu\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3187\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the icu packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 4.8.1.1-12+deb7u2.\n\nFor the upcoming stable (jessie) and unstable (sid) distributions,\nthese problems have been fixed in version 52.1-7.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"icu-doc\", reference:\"4.8.1.1-12+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libicu-dev\", reference:\"4.8.1.1-12+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libicu48\", reference:\"4.8.1.1-12+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libicu48-dbg\", reference:\"4.8.1.1-12+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:42:27", "description": "Several vulnerabilities were discovered in the International\nComponents for Unicode (ICU) library :\n\nCVE-2013-1569\n\nGlyph table issue.\n\nCVE-2013-2383\n\nGlyph table issue.\n\nCVE-2013-2384\n\nFont layout issue.\n\nCVE-2013-2419\n\nFont processing issue.\n\nCVE-2014-6585\n\nOut-of-bounds read.\n\nCVE-2014-6591\n\nAdditional out-of-bounds reads.\n\nCVE-2014-7923\n\nMemory corruption in regular expression comparison.\n\nCVE-2014-7926\n\nMemory corruption in regular expression comparison.\n\nCVE-2014-7940\n\nUninitialized memory.\n\nCVE-2014-9654\n\nMore regular expression flaws.\n\nFor Debian 6 'Squeeze', these issues have been fixed in\nicu version 4.4.1-8+squeeze3.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 16, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-05-15T00:00:00", "title": "Debian DLA-219-1 : icu security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-05-15T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:icu-doc", "p-cpe:/a:debian:debian_linux:libicu44-dbg", "p-cpe:/a:debian:debian_linux:libicu-dev", "p-cpe:/a:debian:debian_linux:libicu44", "p-cpe:/a:debian:debian_linux:lib32icu44", "p-cpe:/a:debian:debian_linux:lib32icu-dev"], "id": "DEBIAN_DLA-219.NASL", "href": "https://www.tenable.com/plugins/nessus/83476", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-219-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83476);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1569\", \"CVE-2013-2383\", \"CVE-2013-2384\", \"CVE-2013-2419\", \"CVE-2014-6585\", \"CVE-2014-6591\", \"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-7940\", \"CVE-2014-9654\");\n script_bugtraq_id(59131, 59166, 59179, 59190, 72173, 72175, 72288, 72980);\n\n script_name(english:\"Debian DLA-219-1 : icu security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in the International\nComponents for Unicode (ICU) library :\n\nCVE-2013-1569\n\nGlyph table issue.\n\nCVE-2013-2383\n\nGlyph table issue.\n\nCVE-2013-2384\n\nFont layout issue.\n\nCVE-2013-2419\n\nFont processing issue.\n\nCVE-2014-6585\n\nOut-of-bounds read.\n\nCVE-2014-6591\n\nAdditional out-of-bounds reads.\n\nCVE-2014-7923\n\nMemory corruption in regular expression comparison.\n\nCVE-2014-7926\n\nMemory corruption in regular expression comparison.\n\nCVE-2014-7940\n\nUninitialized memory.\n\nCVE-2014-9654\n\nMore regular expression flaws.\n\nFor Debian 6 'Squeeze', these issues have been fixed in\nicu version 4.4.1-8+squeeze3.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/05/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/icu\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lib32icu-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lib32icu44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libicu-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libicu44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libicu44-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"icu-doc\", reference:\"4.4.1-8+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lib32icu-dev\", reference:\"4.4.1-8+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lib32icu44\", reference:\"4.4.1-8+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libicu-dev\", reference:\"4.4.1-8+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libicu44\", reference:\"4.4.1-8+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libicu44-dbg\", reference:\"4.4.1-8+squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6585", "CVE-2014-6591", "CVE-2014-7923", "CVE-2014-7926", "CVE-2014-9654"], "description": "Tools and utilities for developing with icu. ", "modified": "2015-04-28T12:58:53", "published": "2015-04-28T12:58:53", "id": "FEDORA:456376058289", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: icu-52.1-6.fc21", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6585", "CVE-2014-6591", "CVE-2014-7923", "CVE-2014-7926", "CVE-2014-9654"], "description": "Tools and utilities for developing with icu. ", "modified": "2015-04-28T12:58:22", "published": "2015-04-28T12:58:22", "id": "FEDORA:DDCDA60582B7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: icu-50.1.2-12.fc20", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6585", "CVE-2014-6591", "CVE-2014-7923", "CVE-2014-7926", "CVE-2014-9654"], "description": "Tools and utilities for developing with icu. ", "modified": "2015-10-13T17:07:12", "published": "2015-10-13T17:07:12", "id": "FEDORA:D1E11620D217", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: icu-54.1-4.fc22", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6585", "CVE-2014-6591", "CVE-2014-7923", "CVE-2014-7926", "CVE-2014-9654"], "description": "Tools and utilities for developing with icu. ", "modified": "2015-09-24T05:27:12", "published": "2015-09-24T05:27:12", "id": "FEDORA:B72AB60A6822", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: icu-54.1-5.fc23", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6585", "CVE-2014-6591"], "description": "Tools and utilities for developing with icu. ", "modified": "2015-03-22T04:41:48", "published": "2015-03-22T04:41:48", "id": "FEDORA:00D0E60BD9AA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: icu-50.1.2-11.fc20", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6585", "CVE-2014-6591"], "description": "Tools and utilities for developing with icu. ", "modified": "2015-04-02T15:35:43", "published": "2015-04-02T15:35:43", "id": "FEDORA:DE02E608A49F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: icu-52.1-5.fc21", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2020-12-09T19:58:29", "description": "The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-24T06:59:00", "title": "CVE-2014-9654", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9654"], "modified": "2019-04-23T19:29:00", "cpe": ["cpe:/a:google:chrome:40.0.2214.85"], "id": "CVE-2014-9654", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9654", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:40.0.2214.85:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:58:28", "description": "The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.", "edition": 6, "cvss3": {}, "published": "2015-01-22T22:59:00", "title": "CVE-2014-7926", "type": "cve", "cwe": ["CWE-17"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7926"], "modified": "2019-04-23T19:29:00", "cpe": ["cpe:/o:oracle:communications_messaging_server:7.0.5", "cpe:/a:google:chrome:40.0.2214.85", "cpe:/o:opensuse:opensuse:13.1", "cpe:/o:redhat:enterprise_linux_server_supplementary_eus:6.6.z", "cpe:/o:opensuse:opensuse:13.2", "cpe:/o:redhat:enterprise_linux_workstation_supplementary:6.0", "cpe:/o:redhat:enterprise_linux_server_supplementary:6.0", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:redhat:enterprise_linux_desktop_supplementary:6.0", "cpe:/o:oracle:communications_messaging_server:8.0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2014-7926", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7926", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:communications_messaging_server:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.6.z:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:communications_messaging_server:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:40.0.2214.85:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T19:58:28", "description": "The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.", "edition": 6, "cvss3": {}, "published": "2015-01-22T22:59:00", "title": "CVE-2014-7923", "type": "cve", "cwe": ["CWE-17"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7923"], "modified": "2019-04-23T19:29:00", "cpe": ["cpe:/a:oracle:communications_messaging_server:8.0", "cpe:/a:google:chrome:40.0.2214.85", "cpe:/o:opensuse:opensuse:13.1", "cpe:/o:redhat:enterprise_linux_server_supplementary_eus:6.6.z", "cpe:/a:oracle:communications_messaging_server:7.0.5", "cpe:/o:opensuse:opensuse:13.2", "cpe:/o:redhat:enterprise_linux_workstation_supplementary:6.0", "cpe:/o:redhat:enterprise_linux_server_supplementary:6.0", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:redhat:enterprise_linux_desktop_supplementary:6.0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2014-7923", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7923", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:communications_messaging_server:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_messaging_server:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.6.z:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:40.0.2214.85:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-10-03T12:01:20", "description": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591.\nper: \"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\"\n\nApplies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.", "edition": 4, "cvss3": {}, "published": "2015-01-21T15:28:00", "title": "CVE-2014-6585", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-6585"], "modified": "2020-09-08T13:00:00", "cpe": ["cpe:/a:oracle:jre:1.6.0", "cpe:/a:oracle:jdk:1.5.0", "cpe:/a:oracle:jdk:1.6.0", "cpe:/a:oracle:jre:1.8.0", "cpe:/a:oracle:jdk:1.7.0", "cpe:/a:oracle:jre:1.7.0", "cpe:/a:oracle:jre:1.5.0", "cpe:/a:oracle:jdk:1.8.0"], "id": "CVE-2014-6585", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6585", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.6.0:update_85:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.5.0:update_75:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.5.0:update_75:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.7.0:update_72:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.8.0:update_25:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.6.0:update_85:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:01:20", "description": "Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.\nPer: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\n\nApplies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.", "edition": 4, "cvss3": {}, "published": "2015-01-21T15:28:00", "title": "CVE-2014-6591", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-6591"], "modified": "2020-09-08T13:00:00", "cpe": ["cpe:/a:oracle:jre:1.6.0", "cpe:/a:oracle:jdk:1.5.0", "cpe:/a:oracle:jdk:1.6.0", "cpe:/a:oracle:jre:1.8.0", "cpe:/a:oracle:jdk:1.7.0", "cpe:/a:oracle:jre:1.7.0", "cpe:/a:oracle:jre:1.5.0", "cpe:/a:oracle:jdk:1.8.0"], "id": "CVE-2014-6591", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6591", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.6.0:update_85:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.5.0:update_75:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.5.0:update_75:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.7.0:update_72:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.8.0:update_25:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.6.0:update_85:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2016-09-06T19:46:03", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7923", "CVE-2014-7940", "CVE-2014-9654", "CVE-2014-7926"], "description": "### Background\n\nICU is a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. \n\n### Description\n\nMultiple vulnerabilities have been discovered in ICU. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker can cause Denial of Service.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll ICU users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/icu-54.1-r1\"", "edition": 1, "modified": "2015-03-14T00:00:00", "published": "2015-03-14T00:00:00", "id": "GLSA-201503-06", "href": "https://security.gentoo.org/glsa/201503-06", "type": "gentoo", "title": "ICU: Multiple Vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:57", "bulletinFamily": "software", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2522-1\r\nMarch 05, 2015\r\n\r\nicu vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 14.10\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nICU could be made to crash or run programs as your login if it processed\r\nspecially crafted data.\r\n\r\nSoftware Description:\r\n- icu: International Components for Unicode library\r\n\r\nDetails:\r\n\r\nIt was discovered that ICU incorrectly handled memory operations when\r\nprocessing fonts. If an application using ICU processed crafted data, an\r\nattacker could cause it to crash or potentially execute arbitrary code with\r\nthe privileges of the user invoking the program. This issue only affected\r\nUbuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,\r\nCVE-2013-2419)\r\n\r\nIt was discovered that ICU incorrectly handled memory operations when\r\nprocessing fonts. If an application using ICU processed crafted data, an\r\nattacker could cause it to crash or potentially execute arbitrary code with\r\nthe privileges of the user invoking the program. (CVE-2014-6585,\r\nCVE-2014-6591)\r\n\r\nIt was discovered that ICU incorrectly handled memory operations when\r\nprocessing regular expressions. If an application using ICU processed\r\ncrafted data, an attacker could cause it to crash or potentially execute\r\narbitrary code with the privileges of the user invoking the program.\r\n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\r\n\r\nIt was discovered that ICU collator implementation incorrectly handled\r\nmemory operations. If an application using ICU processed crafted data, an\r\nattacker could cause it to crash or potentially execute arbitrary code with\r\nthe privileges of the user invoking the program. (CVE-2014-7940)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 14.10:\r\n libicu52 52.1-6ubuntu0.2\r\n\r\nUbuntu 14.04 LTS:\r\n libicu52 52.1-3ubuntu0.2\r\n\r\nUbuntu 12.04 LTS:\r\n libicu48 4.8.1.1-3ubuntu0.3\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2522-1\r\n CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419,\r\n CVE-2014-6585, CVE-2014-6591, CVE-2014-7923, CVE-2014-7926,\r\n CVE-2014-7940, CVE-2014-9654\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/icu/52.1-6ubuntu0.2\r\n https://launchpad.net/ubuntu/+source/icu/52.1-3ubuntu0.2\r\n https://launchpad.net/ubuntu/+source/icu/4.8.1.1-3ubuntu0.3\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2015-03-07T00:00:00", "published": "2015-03-07T00:00:00", "id": "SECURITYVULNS:DOC:31765", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31765", "title": "[USN-2522-1] ICU vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:59", "bulletinFamily": "software", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "Multiple memory corruptions.", "edition": 1, "modified": "2015-03-07T00:00:00", "published": "2015-03-07T00:00:00", "id": "SECURITYVULNS:VULN:14291", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14291", "title": "libicu multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-02T11:41:33", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font \npatches caused a regression when using LibreOffice Calc. The patches have \nbeen temporarily backed out until the regression is investigated.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that ICU incorrectly handled memory operations when \nprocessing fonts. If an application using ICU processed crafted data, an \nattacker could cause it to crash or potentially execute arbitrary code with \nthe privileges of the user invoking the program. This issue only affected \nUbuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, \nCVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory operations when \nprocessing fonts. If an application using ICU processed crafted data, an \nattacker could cause it to crash or potentially execute arbitrary code with \nthe privileges of the user invoking the program. (CVE-2014-6585, \nCVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory operations when \nprocessing regular expressions. If an application using ICU processed \ncrafted data, an attacker could cause it to crash or potentially execute \narbitrary code with the privileges of the user invoking the program. \n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation incorrectly handled \nmemory operations. If an application using ICU processed crafted data, an \nattacker could cause it to crash or potentially execute arbitrary code with \nthe privileges of the user invoking the program. (CVE-2014-7940)", "edition": 5, "modified": "2015-03-06T00:00:00", "published": "2015-03-06T00:00:00", "id": "USN-2522-2", "href": "https://ubuntu.com/security/notices/USN-2522-2", "title": "ICU regression", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:34:06", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font \npatches caused a regression when using LibreOffice Calc. The patches have \nnow been updated to fix the regression.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that ICU incorrectly handled memory operations when \nprocessing fonts. If an application using ICU processed crafted data, an \nattacker could cause it to crash or potentially execute arbitrary code with \nthe privileges of the user invoking the program. This issue only affected \nUbuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, \nCVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory operations when \nprocessing fonts. If an application using ICU processed crafted data, an \nattacker could cause it to crash or potentially execute arbitrary code with \nthe privileges of the user invoking the program. (CVE-2014-6585, \nCVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory operations when \nprocessing regular expressions. If an application using ICU processed \ncrafted data, an attacker could cause it to crash or potentially execute \narbitrary code with the privileges of the user invoking the program. \n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation incorrectly handled \nmemory operations. If an application using ICU processed crafted data, an \nattacker could cause it to crash or potentially execute arbitrary code with \nthe privileges of the user invoking the program. (CVE-2014-7940)", "edition": 5, "modified": "2015-03-10T00:00:00", "published": "2015-03-10T00:00:00", "id": "USN-2522-3", "href": "https://ubuntu.com/security/notices/USN-2522-3", "title": "ICU vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:33:22", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "It was discovered that ICU incorrectly handled memory operations when \nprocessing fonts. If an application using ICU processed crafted data, an \nattacker could cause it to crash or potentially execute arbitrary code with \nthe privileges of the user invoking the program. This issue only affected \nUbuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, \nCVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory operations when \nprocessing fonts. If an application using ICU processed crafted data, an \nattacker could cause it to crash or potentially execute arbitrary code with \nthe privileges of the user invoking the program. (CVE-2014-6585, \nCVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory operations when \nprocessing regular expressions. If an application using ICU processed \ncrafted data, an attacker could cause it to crash or potentially execute \narbitrary code with the privileges of the user invoking the program. \n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation incorrectly handled \nmemory operations. If an application using ICU processed crafted data, an \nattacker could cause it to crash or potentially execute arbitrary code with \nthe privileges of the user invoking the program. (CVE-2014-7940)", "edition": 5, "modified": "2015-03-05T00:00:00", "published": "2015-03-05T00:00:00", "id": "USN-2522-1", "href": "https://ubuntu.com/security/notices/USN-2522-1", "title": "ICU vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-08-12T01:05:53", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3187-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nMarch 15, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : icu\nCVE ID : CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419\n CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926\n CVE-2014-7940 CVE-2014-9654\nDebian Bug : 775884 776264 776265 776719\n\nSeveral vulnerabilities were discovered in the International Components\nfor Unicode (ICU) library.\n\nCVE-2013-1569\n\n Glyph table issue.\n\nCVE-2013-2383\n\n Glyph table issue.\n\nCVE-2013-2384\n\n Font layout issue.\n\nCVE-2013-2419\n\n Font processing issue.\n\nCVE-2014-6585\n\n Out-of-bounds read.\n\nCVE-2014-6591\n\n Additional out-of-bounds reads.\n\nCVE-2014-7923\n\n Memory corruption in regular expression comparison.\n\nCVE-2014-7926\n\n Memory corruption in regular expression comparison.\n\nCVE-2014-7940\n\n Uninitialized memory.\n\nCVE-2014-9654\n\n More regular expression flaws.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 4.8.1.1-12+deb7u2.\n\nFor the upcoming stable (jessie) and unstable (sid) distributions, these\nproblems have been fixed in version 52.1-7.1.\n\nWe recommend that you upgrade your icu packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 9, "modified": "2015-03-15T05:02:46", "published": "2015-03-15T05:02:46", "id": "DEBIAN:DSA-3187-1:97BB3", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00072.html", "title": "[SECURITY] [DSA 3187-1] icu security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:24:23", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "description": "Package : icu\nVersion : 4.4.1-8+squeeze3\nCVE ID : CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419\n CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926\n CVE-2014-7940 CVE-2014-9654\n\nSeveral vulnerabilities were discovered in the International Components\nfor Unicode (ICU) library:\n\nCVE-2013-1569\n\n Glyph table issue.\n\nCVE-2013-2383\n\n Glyph table issue.\n\nCVE-2013-2384\n\n Font layout issue.\n\nCVE-2013-2419\n\n Font processing issue.\n\nCVE-2014-6585\n\n Out-of-bounds read.\n\nCVE-2014-6591\n\n Additional out-of-bounds reads.\n\nCVE-2014-7923\n\n Memory corruption in regular expression comparison.\n\nCVE-2014-7926\n\n Memory corruption in regular expression comparison.\n\nCVE-2014-7940\n\n Uninitialized memory.\n\nCVE-2014-9654\n\n More regular expression flaws.\n\nFor Debian 6 \u201cSqueeze\u201d, these issues have been fixed in icu version\n4.4.1-8+squeeze3.\n", "edition": 7, "modified": "2015-05-14T09:45:48", "published": "2015-05-14T09:45:48", "id": "DEBIAN:DLA-219-1:C7AC1", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201505/msg00003.html", "title": "[SECURITY] [DLA 219-1] icu security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:24:28", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2015-0395", "CVE-2015-0407", "CVE-2014-6585", "CVE-2015-0410", "CVE-2015-0383", "CVE-2014-6587", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0408", "CVE-2014-6591", "CVE-2015-0412"], "description": "Package : openjdk-6\nVersion : 6b34-1.13.6-1~deb6u1\nCVE ID : CVE-2014-3566 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 \n CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395\n CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in the execution\nof arbitrary code, information disclosure or denial of service.\n", "edition": 9, "modified": "2015-02-24T18:21:33", "published": "2015-02-24T18:21:33", "id": "DEBIAN:DLA-157-1:370F5", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201502/msg00011.html", "title": "[SECURITY] [DLA 157-1] openjdk-6 security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:21:36", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2015-0395", "CVE-2015-0407", "CVE-2014-6585", "CVE-2015-0410", "CVE-2015-0383", "CVE-2014-6587", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0408", "CVE-2014-6591", "CVE-2015-0412"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3147-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 30, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjdk-6\nCVE ID : CVE-2014-3566 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 \n CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395\n CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in the execution\nof arbitrary code, information disclosure or denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 6b34-1.13.6-1~deb7u1.\n\nWe recommend that you upgrade your openjdk-6 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2015-01-30T15:57:44", "published": "2015-01-30T15:57:44", "id": "DEBIAN:DSA-3147-1:2E393", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00030.html", "title": "[SECURITY] [DSA 3147-1] openjdk-6 security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:46:12", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6585", "CVE-2014-6591", "CVE-2014-6593", "CVE-2014-8891", "CVE-2014-8892", "CVE-2015-0395", "CVE-2015-0407", "CVE-2015-0408", "CVE-2015-0410"], "description": "IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM\nJava Software Development Kit.\n\nThis update fixes several vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Detailed\nvulnerability descriptions are linked from the IBM Security alerts\npage, listed in the References section. (CVE-2014-6585, CVE-2014-6591,\nCVE-2014-6593, CVE-2014-8891, CVE-2014-8892, CVE-2015-0395, CVE-2015-0407,\nCVE-2015-0408, CVE-2015-0410)\n\nAll users of java-1.5.0-ibm are advised to upgrade to these updated\npackages, containing the IBM J2SE 5.0 SR16-FP9 release. All running\ninstances of IBM Java must be restarted for this update to take effect.\n", "modified": "2018-06-07T09:04:23", "published": "2015-02-05T05:00:00", "id": "RHSA-2015:0136", "href": "https://access.redhat.com/errata/RHSA-2015:0136", "type": "redhat", "title": "(RHSA-2015:0136) Important: java-1.5.0-ibm security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-6585", "CVE-2014-6587", "CVE-2014-6591", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0383", "CVE-2015-0395", "CVE-2015-0407", "CVE-2015-0408", "CVE-2015-0410", "CVE-2015-0412"], "description": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nA flaw was found in the way the Hotspot component in OpenJDK verified\nbytecode from the class files. An untrusted Java application or applet\ncould possibly use this flaw to bypass Java sandbox restrictions.\n(CVE-2014-6601)\n\nMultiple improper permission check issues were discovered in the JAX-WS,\nand RMI components in OpenJDK. An untrusted Java application or applet\ncould use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412,\nCVE-2015-0408)\n\nA flaw was found in the way the Hotspot garbage collector handled phantom\nreferences. An untrusted Java application or applet could use this flaw to\ncorrupt the Java Virtual Machine memory and, possibly, execute arbitrary\ncode, bypassing Java sandbox restrictions. (CVE-2015-0395)\n\nA flaw was found in the way the DER (Distinguished Encoding Rules) decoder\nin the Security component in OpenJDK handled negative length values. A\nspecially crafted, DER-encoded input could cause a Java application to\nenter an infinite loop when decoded. (CVE-2015-0410)\n\nA flaw was found in the way the SSL 3.0 protocol handled padding bytes when\ndecrypting messages that were encrypted using block ciphers in cipher block\nchaining (CBC) mode. This flaw could possibly allow a man-in-the-middle\n(MITM) attacker to decrypt portions of the cipher text using a padding\noracle attack. (CVE-2014-3566)\n\nNote: This update disables SSL 3.0 by default to address this issue.\nThe jdk.tls.disabledAlgorithms security property can be used to re-enable\nSSL 3.0 support if needed. For additional information, refer to the Red Hat\nBugzilla bug linked to in the References section.\n\nIt was discovered that the SSL/TLS implementation in the JSSE component in\nOpenJDK failed to properly check whether the ChangeCipherSpec was received\nduring the SSL/TLS connection handshake. An MITM attacker could possibly\nuse this flaw to force a connection to be established without encryption\nbeing enabled. (CVE-2014-6593)\n\nAn information leak flaw was found in the Swing component in OpenJDK. An\nuntrusted Java application or applet could use this flaw to bypass certain\nJava sandbox restrictions. (CVE-2015-0407)\n\nA NULL pointer dereference flaw was found in the MulticastSocket\nimplementation in the Libraries component of OpenJDK. An untrusted Java\napplication or applet could possibly use this flaw to bypass certain Java\nsandbox restrictions. (CVE-2014-6587)\n\nMultiple boundary check flaws were found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could allow an\nuntrusted Java application or applet to disclose portions of the Java\nVirtual Machine memory. (CVE-2014-6585, CVE-2014-6591)\n\nMultiple insecure temporary file use issues were found in the way the\nHotspot component in OpenJDK created performance statistics and error log\nfiles. A local attacker could possibly make a victim using OpenJDK\noverwrite arbitrary files using a symlink attack. (CVE-2015-0383)\n\nThe CVE-2015-0383 issue was discovered by Red Hat.\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website.\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n", "modified": "2018-06-06T20:24:05", "published": "2015-01-21T05:00:00", "id": "RHSA-2015:0067", "href": "https://access.redhat.com/errata/RHSA-2015:0067", "type": "redhat", "title": "(RHSA-2015:0067) Critical: java-1.7.0-openjdk security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:11", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-6585", "CVE-2014-6587", "CVE-2014-6591", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0383", "CVE-2015-0395", "CVE-2015-0407", "CVE-2015-0408", "CVE-2015-0410", "CVE-2015-0412"], "description": "The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nA flaw was found in the way the Hotspot component in OpenJDK verified\nbytecode from the class files. An untrusted Java application or applet\ncould possibly use this flaw to bypass Java sandbox restrictions.\n(CVE-2014-6601)\n\nMultiple improper permission check issues were discovered in the JAX-WS,\nand RMI components in OpenJDK. An untrusted Java application or applet\ncould use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412,\nCVE-2015-0408)\n\nA flaw was found in the way the Hotspot garbage collector handled phantom\nreferences. An untrusted Java application or applet could use this flaw to\ncorrupt the Java Virtual Machine memory and, possibly, execute arbitrary\ncode, bypassing Java sandbox restrictions. (CVE-2015-0395)\n\nA flaw was found in the way the DER (Distinguished Encoding Rules) decoder\nin the Security component in OpenJDK handled negative length values. A\nspecially crafted, DER-encoded input could cause a Java application to\nenter an infinite loop when decoded. (CVE-2015-0410)\n\nA flaw was found in the way the SSL 3.0 protocol handled padding bytes when\ndecrypting messages that were encrypted using block ciphers in cipher block\nchaining (CBC) mode. This flaw could possibly allow a man-in-the-middle\n(MITM) attacker to decrypt portions of the cipher text using a padding\noracle attack. (CVE-2014-3566)\n\nNote: This update disables SSL 3.0 by default to address this issue.\nThe jdk.tls.disabledAlgorithms security property can be used to re-enable\nSSL 3.0 support if needed. For additional information, refer to the Red Hat\nBugzilla bug linked to in the References section.\n\nIt was discovered that the SSL/TLS implementation in the JSSE component in\nOpenJDK failed to properly check whether the ChangeCipherSpec was received\nduring the SSL/TLS connection handshake. An MITM attacker could possibly\nuse this flaw to force a connection to be established without encryption\nbeing enabled. (CVE-2014-6593)\n\nAn information leak flaw was found in the Swing component in OpenJDK. An\nuntrusted Java application or applet could use this flaw to bypass certain\nJava sandbox restrictions. (CVE-2015-0407)\n\nA NULL pointer dereference flaw was found in the MulticastSocket\nimplementation in the Libraries component of OpenJDK. An untrusted Java\napplication or applet could possibly use this flaw to bypass certain Java\nsandbox restrictions. (CVE-2014-6587)\n\nMultiple boundary check flaws were found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could allow an\nuntrusted Java application or applet to disclose portions of the Java\nVirtual Machine memory. (CVE-2014-6585, CVE-2014-6591)\n\nMultiple insecure temporary file use issues were found in the way the\nHotspot component in OpenJDK created performance statistics and error log\nfiles. A local attacker could possibly make a victim using OpenJDK\noverwrite arbitrary files using a symlink attack. (CVE-2015-0383)\n\nThe CVE-2015-0383 issue was discovered by Red Hat.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n", "modified": "2018-06-06T20:24:13", "published": "2015-01-26T05:00:00", "id": "RHSA-2015:0085", "href": "https://access.redhat.com/errata/RHSA-2015:0085", "type": "redhat", "title": "(RHSA-2015:0085) Important: java-1.6.0-openjdk security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:08", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-6585", "CVE-2014-6587", "CVE-2014-6591", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0383", "CVE-2015-0395", "CVE-2015-0407", "CVE-2015-0408", "CVE-2015-0410", "CVE-2015-0412"], "description": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nA flaw was found in the way the Hotspot component in OpenJDK verified\nbytecode from the class files. An untrusted Java application or applet\ncould possibly use this flaw to bypass Java sandbox restrictions.\n(CVE-2014-6601)\n\nMultiple improper permission check issues were discovered in the JAX-WS,\nand RMI components in OpenJDK. An untrusted Java application or applet\ncould use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412,\nCVE-2015-0408)\n\nA flaw was found in the way the Hotspot garbage collector handled phantom\nreferences. An untrusted Java application or applet could use this flaw to\ncorrupt the Java Virtual Machine memory and, possibly, execute arbitrary\ncode, bypassing Java sandbox restrictions. (CVE-2015-0395)\n\nA flaw was found in the way the DER (Distinguished Encoding Rules) decoder\nin the Security component in OpenJDK handled negative length values. A\nspecially crafted, DER-encoded input could cause a Java application to\nenter an infinite loop when decoded. (CVE-2015-0410)\n\nA flaw was found in the way the SSL 3.0 protocol handled padding bytes when\ndecrypting messages that were encrypted using block ciphers in cipher block\nchaining (CBC) mode. This flaw could possibly allow a man-in-the-middle\n(MITM) attacker to decrypt portions of the cipher text using a padding\noracle attack. (CVE-2014-3566)\n\nNote: This update disables SSL 3.0 by default to address this issue.\nThe jdk.tls.disabledAlgorithms security property can be used to re-enable\nSSL 3.0 support if needed. For additional information, refer to the Red Hat\nBugzilla bug linked to in the References section.\n\nIt was discovered that the SSL/TLS implementation in the JSSE component in\nOpenJDK failed to properly check whether the ChangeCipherSpec was received\nduring the SSL/TLS connection handshake. An MITM attacker could possibly\nuse this flaw to force a connection to be established without encryption\nbeing enabled. (CVE-2014-6593)\n\nAn information leak flaw was found in the Swing component in OpenJDK. An\nuntrusted Java application or applet could use this flaw to bypass certain\nJava sandbox restrictions. (CVE-2015-0407)\n\nA NULL pointer dereference flaw was found in the MulticastSocket\nimplementation in the Libraries component of OpenJDK. An untrusted Java\napplication or applet could possibly use this flaw to bypass certain Java\nsandbox restrictions. (CVE-2014-6587)\n\nMultiple boundary check flaws were found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could allow an\nuntrusted Java application or applet to disclose portions of the Java\nVirtual Machine memory. (CVE-2014-6585, CVE-2014-6591)\n\nMultiple insecure temporary file use issues were found in the way the\nHotspot component in OpenJDK created performance statistics and error log\nfiles. A local attacker could possibly make a victim using OpenJDK\noverwrite arbitrary files using a symlink attack. (CVE-2015-0383)\n\nThe CVE-2015-0383 issue was discovered by Red Hat.\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n", "modified": "2017-09-08T11:49:25", "published": "2015-01-20T05:00:00", "id": "RHSA-2015:0068", "href": "https://access.redhat.com/errata/RHSA-2015:0068", "type": "redhat", "title": "(RHSA-2015:0068) Important: java-1.7.0-openjdk security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "f5": [{"lastseen": "2017-06-08T00:16:30", "bulletinFamily": "software", "cvelist": ["CVE-2015-0395", "CVE-2015-0407", "CVE-2014-6585", "CVE-2015-0410", "CVE-2015-0383", "CVE-2014-6587", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0408", "CVE-2014-6591", "CVE-2015-0412"], "edition": 1, "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerabilities, and for information about releases or hotfixes that address the vulnerabilities, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nLineRate| None| 2.2.0 - 2.5.0 \n1.6.0 - 1.6.4| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.1.0 \n3.3.2 - 3.5.1| Not vulnerable| None \nBIG-IP Edge Clients for Android| None| 2.0.0 - 2.0.6| Not vulnerable| None \nBIG-IP Edge Clients for Apple iOS| None| 2.0.0 - 2.0.4 \n1.0.5 - 1.0.6| Not vulnerable| None \nBIG-IP Edge Clients for Linux| None| 6035.x - 7110.x| Not vulnerable| None \nBIG-IP Edge Clients for MAC OS X| None| 6035.x - 7110.x| Not vulnerable| None \nBIG-IP Edge Clients for Windows| None| 6035.x - 7110.x| Not vulnerable| None \nBIG-IP Edge Clients Windows Phone 8.1| None| 1.0.0.x| Not vulnerable| None \nBIG-IP Edge Portal for Android| None| 1.0.0 - 1.0.2| Not vulnerable| None \nBIG-IP Edge Portal for Apple iOS| None| 1.0.0 - 1.0.3| Not vulnerable| None \n \n**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the** Severity** value. Security Advisory articles published before this date do not list a** Severity** value.\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n", "modified": "2017-04-06T16:50:00", "published": "2015-04-02T23:52:00", "href": "https://support.f5.com/csp/article/K16352", "id": "F5:K16352", "title": "Multiple OpenJDK vulnerabilities", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-11-09T00:09:29", "bulletinFamily": "software", "cvelist": ["CVE-2015-0395", "CVE-2015-0407", "CVE-2014-6585", "CVE-2015-0410", "CVE-2015-0383", "CVE-2014-6587", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0408", "CVE-2014-6591", "CVE-2015-0412"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "modified": "2016-07-25T00:00:00", "published": "2015-04-02T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/300/sol16352.html", "id": "SOL16352", "title": "SOL16352 - Multiple OpenJDK vulnerabilities", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:19", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2015-0395", "CVE-2015-0407", "CVE-2014-6585", "CVE-2015-0410", "CVE-2015-0383", "CVE-2014-6587", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0408", "CVE-2014-6591", "CVE-2015-0412"], "description": "[1:1.7.0.75-2.5.4.0.0.1.el5_11]\n- Add oracle-enterprise.patch\n- Fix DISTRO_NAME to 'Oracle Linux'\n[1:1.7.0.75-2.5.4.0]\n- Bump to 2.5.4 using OpenJDK 7u75 b13.\n- Fix elliptic curve list as part of fsg.sh\n- Resolves: rhbz#1180294", "edition": 4, "modified": "2015-01-21T00:00:00", "published": "2015-01-21T00:00:00", "id": "ELSA-2015-0068", "href": "http://linux.oracle.com/errata/ELSA-2015-0068.html", "title": "java-1.7.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:56", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2015-0395", "CVE-2015-0407", "CVE-2014-6585", "CVE-2015-0410", "CVE-2015-0383", "CVE-2014-6587", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0408", "CVE-2014-6591", "CVE-2015-0412"], "description": "[1:1.7.0.75-2.5.4.0.0.1.el6_6]\n- Update DISTRO_NAME in specfile\n[1:1.7.0.75-2.5.4.0]\n- Fix abrt_friendly_hs_log_jdk7.patch to apply again.\n[1:1.7.0.75-2.5.4.0]\n- Bump to 2.5.4 using OpenJDK 7u75 b13.\n- Remove earlier temporary patch for RH1146622 (included upstream)\n- Fix elliptic curve list as part of fsg.sh\n- Resolves: rhbz#1180295\n- Resolves: rhbz#1173706", "edition": 4, "modified": "2015-01-21T00:00:00", "published": "2015-01-21T00:00:00", "id": "ELSA-2015-0067", "href": "http://linux.oracle.com/errata/ELSA-2015-0067.html", "title": "java-1.7.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:39", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2015-0395", "CVE-2015-0407", "CVE-2014-6585", "CVE-2015-0410", "CVE-2015-0383", "CVE-2014-6587", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0408", "CVE-2014-6591", "CVE-2015-0412"], "description": "[1:1.6.0.33-1.13.6.1.0.1.el5_11]\n- Add oracle-enterprise.patch\n[1:1.6.0.34-1.13.6.1]\n- Update to latest 1.13.6 release candidate tarball\n- Fixes a number of issues found with b34:\n- * OJ51, PR2187: Sync patch for 4873188 with 7 version\n- * OJ52, PR2185: Application of 6786276 introduces compatibility issue\n- * OJ53, PR2181: strict-aliasing warnings issued on PPC32\n- * OJ54, PR2182: 6911104 reintroduces test fragment removed in existing 6964018 backport\n- * S6730740, PR2186: Fix for 6729881 has apparently broken several 64 bit tests: 'Bad address'\n- * S7031830, PR2183: bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine\n- Also includes PR2180, so patch dropped from RPM.\n- Resolves: rhbz#1180289\n[1:1.6.0.34-1.13.6.0]\n- Apply pr2180.patch to work around issue with older autotools.\n- Resolves: rhbz#1180289\n[1:1.6.0.34-1.13.6.0]\n- Update to IcedTea 1.13.6\n- Apply pr2125.patch in generate_rhel_zip.sh to remove unwanted elliptic curves.\n- Add no_pr2125.patch to avoid repeating the procedure during the IcedTea build.\n- Avoid duplicating the OpenJDK build version by making more use of %{openjdkver}.\n- Add US_export_policy.jar and local_policy.jar to packages.\n- Resolves: rhbz#1180289", "edition": 4, "modified": "2015-01-26T00:00:00", "published": "2015-01-26T00:00:00", "id": "ELSA-2015-0085", "href": "http://linux.oracle.com/errata/ELSA-2015-0085.html", "title": "java-1.6.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:35:51", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2015-0395", "CVE-2015-0407", "CVE-2014-6585", "CVE-2015-0410", "CVE-2015-0383", "CVE-2014-6587", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0408", "CVE-2014-6591", "CVE-2015-0412"], "description": "**Issue Overview:**\n\nA flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. ([CVE-2014-6601 __](<https://access.redhat.com/security/cve/CVE-2014-6601>))\n\nMultiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. ([CVE-2015-0412 __](<https://access.redhat.com/security/cve/CVE-2015-0412>), [CVE-2015-0408 __](<https://access.redhat.com/security/cve/CVE-2015-0408>))\n\nA flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. ([CVE-2015-0395 __](<https://access.redhat.com/security/cve/CVE-2015-0395>))\n\nA flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. ([CVE-2015-0410 __](<https://access.redhat.com/security/cve/CVE-2015-0410>))\n\nA flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. ([CVE-2014-3566 __](<https://access.redhat.com/security/cve/CVE-2014-3566>))\n\nNote: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section.\n\nIt was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. ([CVE-2014-6593 __](<https://access.redhat.com/security/cve/CVE-2014-6593>))\n\nAn information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. ([CVE-2015-0407 __](<https://access.redhat.com/security/cve/CVE-2015-0407>))\n\nA NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. ([CVE-2014-6587 __](<https://access.redhat.com/security/cve/CVE-2014-6587>))\n\nMultiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. ([CVE-2014-6585 __](<https://access.redhat.com/security/cve/CVE-2014-6585>), [CVE-2014-6591 __](<https://access.redhat.com/security/cve/CVE-2014-6591>))\n\nMultiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. ([CVE-2015-0383 __](<https://access.redhat.com/security/cve/CVE-2015-0383>))\n\n \n**Affected Packages:** \n\n\njava-1.7.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.7.0-openjdk_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.53.amzn1.i686 \n java-1.7.0-openjdk-1.7.0.75-2.5.4.0.53.amzn1.i686 \n java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.53.amzn1.i686 \n java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.53.amzn1.i686 \n java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.53.amzn1.i686 \n \n noarch: \n java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.53.amzn1.noarch \n \n src: \n java-1.7.0-openjdk-1.7.0.75-2.5.4.0.53.amzn1.src \n \n x86_64: \n java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.53.amzn1.x86_64 \n java-1.7.0-openjdk-1.7.0.75-2.5.4.0.53.amzn1.x86_64 \n java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.53.amzn1.x86_64 \n java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.53.amzn1.x86_64 \n java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.53.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2015-01-22T14:18:00", "published": "2015-01-22T14:18:00", "id": "ALAS-2015-471", "href": "https://alas.aws.amazon.com/ALAS-2015-471.html", "title": "Critical: java-1.7.0-openjdk", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:28:40", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2015-0395", "CVE-2015-0407", "CVE-2014-6585", "CVE-2015-0410", "CVE-2015-0383", "CVE-2014-6587", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0408", "CVE-2014-6591", "CVE-2015-0412"], "description": "**CentOS Errata and Security Advisory** CESA-2015:0068\n\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nA flaw was found in the way the Hotspot component in OpenJDK verified\nbytecode from the class files. An untrusted Java application or applet\ncould possibly use this flaw to bypass Java sandbox restrictions.\n(CVE-2014-6601)\n\nMultiple improper permission check issues were discovered in the JAX-WS,\nand RMI components in OpenJDK. An untrusted Java application or applet\ncould use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412,\nCVE-2015-0408)\n\nA flaw was found in the way the Hotspot garbage collector handled phantom\nreferences. An untrusted Java application or applet could use this flaw to\ncorrupt the Java Virtual Machine memory and, possibly, execute arbitrary\ncode, bypassing Java sandbox restrictions. (CVE-2015-0395)\n\nA flaw was found in the way the DER (Distinguished Encoding Rules) decoder\nin the Security component in OpenJDK handled negative length values. A\nspecially crafted, DER-encoded input could cause a Java application to\nenter an infinite loop when decoded. (CVE-2015-0410)\n\nA flaw was found in the way the SSL 3.0 protocol handled padding bytes when\ndecrypting messages that were encrypted using block ciphers in cipher block\nchaining (CBC) mode. This flaw could possibly allow a man-in-the-middle\n(MITM) attacker to decrypt portions of the cipher text using a padding\noracle attack. (CVE-2014-3566)\n\nNote: This update disables SSL 3.0 by default to address this issue.\nThe jdk.tls.disabledAlgorithms security property can be used to re-enable\nSSL 3.0 support if needed. For additional information, refer to the Red Hat\nBugzilla bug linked to in the References section.\n\nIt was discovered that the SSL/TLS implementation in the JSSE component in\nOpenJDK failed to properly check whether the ChangeCipherSpec was received\nduring the SSL/TLS connection handshake. An MITM attacker could possibly\nuse this flaw to force a connection to be established without encryption\nbeing enabled. (CVE-2014-6593)\n\nAn information leak flaw was found in the Swing component in OpenJDK. An\nuntrusted Java application or applet could use this flaw to bypass certain\nJava sandbox restrictions. (CVE-2015-0407)\n\nA NULL pointer dereference flaw was found in the MulticastSocket\nimplementation in the Libraries component of OpenJDK. An untrusted Java\napplication or applet could possibly use this flaw to bypass certain Java\nsandbox restrictions. (CVE-2014-6587)\n\nMultiple boundary check flaws were found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could allow an\nuntrusted Java application or applet to disclose portions of the Java\nVirtual Machine memory. (CVE-2014-6585, CVE-2014-6591)\n\nMultiple insecure temporary file use issues were found in the way the\nHotspot component in OpenJDK created performance statistics and error log\nfiles. A local attacker could possibly make a victim using OpenJDK\noverwrite arbitrary files using a symlink attack. (CVE-2015-0383)\n\nThe CVE-2015-0383 issue was discovered by Red Hat.\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-January/032926.html\n\n**Affected packages:**\njava-1.7.0-openjdk\njava-1.7.0-openjdk-demo\njava-1.7.0-openjdk-devel\njava-1.7.0-openjdk-javadoc\njava-1.7.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-0068.html", "edition": 3, "modified": "2015-01-21T05:35:44", "published": "2015-01-21T05:35:44", "href": "http://lists.centos.org/pipermail/centos-announce/2015-January/032926.html", "id": "CESA-2015:0068", "title": "java security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-17T03:29:06", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2015-0395", "CVE-2015-0407", "CVE-2014-6585", "CVE-2015-0410", "CVE-2015-0383", "CVE-2014-6587", "CVE-2014-6593", "CVE-2014-6601", "CVE-2015-0408", "CVE-2014-6591", "CVE-2015-0412"], "description": "**CentOS Errata and Security Advisory** CESA-2015:0067\n\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nA flaw was found in the way the Hotspot component in OpenJDK verified\nbytecode from the class files. An untrusted Java application or applet\ncould possibly use this flaw to bypass Java sandbox restrictions.\n(CVE-2014-6601)\n\nMultiple improper permission check issues were discovered in the JAX-WS,\nand RMI components in OpenJDK. An untrusted Java application or applet\ncould use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412,\nCVE-2015-0408)\n\nA flaw was found in the way the Hotspot garbage collector handled phantom\nreferences. An untrusted Java application or applet could use this flaw to\ncorrupt the Java Virtual Machine memory and, possibly, execute arbitrary\ncode, bypassing Java sandbox restrictions. (CVE-2015-0395)\n\nA flaw was found in the way the DER (Distinguished Encoding Rules) decoder\nin the Security component in OpenJDK handled negative length values. A\nspecially crafted, DER-encoded input could cause a Java application to\nenter an infinite loop when decoded. (CVE-2015-0410)\n\nA flaw was found in the way the SSL 3.0 protocol handled padding bytes when\ndecrypting messages that were encrypted using block ciphers in cipher block\nchaining (CBC) mode. This flaw could possibly allow a man-in-the-middle\n(MITM) attacker to decrypt portions of the cipher text using a padding\noracle attack. (CVE-2014-3566)\n\nNote: This update disables SSL 3.0 by default to address this issue.\nThe jdk.tls.disabledAlgorithms security property can be used to re-enable\nSSL 3.0 support if needed. For additional information, refer to the Red Hat\nBugzilla bug linked to in the References section.\n\nIt was discovered that the SSL/TLS implementation in the JSSE component in\nOpenJDK failed to properly check whether the ChangeCipherSpec was received\nduring the SSL/TLS connection handshake. An MITM attacker could possibly\nuse this flaw to force a connection to be established without encryption\nbeing enabled. (CVE-2014-6593)\n\nAn information leak flaw was found in the Swing component in OpenJDK. An\nuntrusted Java application or applet could use this flaw to bypass certain\nJava sandbox restrictions. (CVE-2015-0407)\n\nA NULL pointer dereference flaw was found in the MulticastSocket\nimplementation in the Libraries component of OpenJDK. An untrusted Java\napplication or applet could possibly use this flaw to bypass certain Java\nsandbox restrictions. (CVE-2014-6587)\n\nMultiple boundary check flaws were found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could allow an\nuntrusted Java application or applet to disclose portions of the Java\nVirtual Machine memory. (CVE-2014-6585, CVE-2014-6591)\n\nMultiple insecure temporary file use issues were found in the way the\nHotspot component in OpenJDK created performance statistics and error log\nfiles. A local attacker could possibly make a victim using OpenJDK\noverwrite arbitrary files using a symlink attack. (CVE-2015-0383)\n\nThe CVE-2015-0383 issue was discovered by Red Hat.\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website.\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-January/032927.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-January/032929.html\n\n**Affected packages:**\njava-1.7.0-openjdk\njava-1.7.0-openjdk-accessibility\njava-1.7.0-openjdk-demo\njava-1.7.0-openjdk-devel\njava-1.7.0-openjdk-headless\njava-1.7.0-openjdk-javadoc\njava-1.7.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-0067.html", "edition": 5, "modified": "2015-01-21T07:12:16", "published": "2015-01-21T05:42:52", "href": "http://lists.centos.org/pipermail/centos-announce/2015-January/032927.html", "id": "CESA-2015:0067", "title": "java security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}