Lucene search
Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-2522-1.NASLHistoryMar 06, 2015 - 12:00 a.m.
Ubuntu 14.04 LTS : ICU vulnerabilities (USN-2522-1)
2015-03-0600:00:00
Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419)
It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
(CVE-2014-6585, CVE-2014-6591)
It was discovered that ICU incorrectly handled memory operations when processing regular expressions. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)
It was discovered that ICU collator implementation incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
(CVE-2014-7940).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2522-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(81668);
script_version("1.21");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/23");
script_cve_id(
"CVE-2013-1569",
"CVE-2013-2383",
"CVE-2013-2384",
"CVE-2013-2419",
"CVE-2014-6585",
"CVE-2014-6591",
"CVE-2014-7923",
"CVE-2014-7926",
"CVE-2014-7940",
"CVE-2014-9654"
);
script_bugtraq_id(
59131,
59166,
59179,
59190,
72173,
72175,
72288
);
script_xref(name:"USN", value:"2522-1");
script_name(english:"Ubuntu 14.04 LTS : ICU vulnerabilities (USN-2522-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"It was discovered that ICU incorrectly handled memory operations when
processing fonts. If an application using ICU processed crafted data,
an attacker could cause it to crash or potentially execute arbitrary
code with the privileges of the user invoking the program. This issue
only affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383,
CVE-2013-2384, CVE-2013-2419)
It was discovered that ICU incorrectly handled memory operations when
processing fonts. If an application using ICU processed crafted data,
an attacker could cause it to crash or potentially execute arbitrary
code with the privileges of the user invoking the program.
(CVE-2014-6585, CVE-2014-6591)
It was discovered that ICU incorrectly handled memory operations when
processing regular expressions. If an application using ICU processed
crafted data, an attacker could cause it to crash or potentially
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)
It was discovered that ICU collator implementation incorrectly handled
memory operations. If an application using ICU processed crafted data,
an attacker could cause it to crash or potentially execute arbitrary
code with the privileges of the user invoking the program.
(CVE-2014-7940).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-2522-1");
script_set_attribute(attribute:"solution", value:
"Update the affected icu-devtools, libicu-dev and / or libicu52 packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-2384");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2014-9654");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/04/17");
script_set_attribute(attribute:"patch_publication_date", value:"2015/03/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/06");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libicu52");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:icu-devtools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libicu-dev");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
var pkgs = [
{'osver': '14.04', 'pkgname': 'icu-devtools', 'pkgver': '52.1-3ubuntu0.2'},
{'osver': '14.04', 'pkgname': 'libicu-dev', 'pkgver': '52.1-3ubuntu0.2'},
{'osver': '14.04', 'pkgname': 'libicu52', 'pkgver': '52.1-3ubuntu0.2'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'icu-devtools / libicu-dev / libicu52');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | libicu52 | p-cpe:/a:canonical:ubuntu_linux:libicu52 |
| canonical | ubuntu_linux | 14.04 | cpe:/o:canonical:ubuntu_linux:14.04:-:lts |
| canonical | ubuntu_linux | icu-devtools | p-cpe:/a:canonical:ubuntu_linux:icu-devtools |
| canonical | ubuntu_linux | libicu-dev | p-cpe:/a:canonical:ubuntu_linux:libicu-dev |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654
ubuntu.com/security/notices/USN-2522-1
Related
securityvulns
securityvulns
libicu multiple security vulnerabilities
2015-03-07 00:00:00
[USN-2522-1] ICU vulnerabilities
2015-03-07 00:00:00
SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption
2013-04-22 00:00:00
osv
osv
icu - security update
2015-03-15 00:00:00
icu - security update
2015-05-14 00:00:00
nessus
nessus
Ubuntu 12.04 LTS : icu vulnerabilities (USN-2522-3)
2015-03-11 00:00:00
Ubuntu 12.04 LTS : icu regression (USN-2522-2)
2015-03-09 00:00:00
Debian DLA-219-1 : icu security update
2015-05-15 00:00:00
openvas
openvas
Ubuntu Update for icu USN-2522-2
2015-03-07 00:00:00
Ubuntu Update for icu USN-2522-3
2015-03-11 00:00:00
Debian Security Advisory DSA 3187-1 (icu - security update)
2015-03-15 00:00:00
ubuntu
ubuntu
ICU regression
2015-03-06 00:00:00
ICU vulnerabilities
2015-03-10 00:00:00
ICU vulnerabilities
2015-03-05 00:00:00
debian
debian
[SECURITY] [DLA 219-1] icu security update
2015-05-14 09:45:27
[SECURITY] [DSA 3187-1] icu security update
2015-03-15 05:02:23
[SECURITY] [DSA 3187-1] icu security update
2015-03-15 05:02:23
fedora
fedora
[SECURITY] Fedora 23 Update: icu-54.1-5.fc23
2015-09-24 05:27:12
[SECURITY] Fedora 21 Update: icu-52.1-6.fc21
2015-04-28 12:58:53
[SECURITY] Fedora 22 Update: icu-54.1-4.fc22
2015-10-13 17:07:12
gentoo
gentoo
ICU: Multiple Vulnerabilities
2015-03-14 00:00:00
mageia
mageia
Updated icu packages fix security vulnerabilities
2015-01-31 16:23:52
Updated icu packages fix security vulnerability
2015-03-10 19:48:25
cve
cve
debiancve
debiancve
prion
prion
Memory corruption
2017-04-24 06:59:00
Design/Logic Flaw
2015-01-21 15:28:00
Design/Logic Flaw
2013-04-17 18:55:00
ubuntucve
ubuntucve
veracode
veracode
Information Disclosure
2019-01-15 09:04:21
Information Disclosure
2019-05-02 05:07:16
Improper Access Control
2019-05-02 04:44:36
ibm
ibm
seebug
seebug
Java Web Start Launcher ActiveX Control - Memory Corruption
2014-07-01 00:00:00
zdt
zdt
Java Web Start Launcher ActiveX Control - Memory Corruption
2013-04-18 00:00:00
exploitpack
exploitpack
Java Web Start Launcher ActiveX Control - Memory Corruption
2013-04-18 00:00:00
zdi
zdi
Oracle Java mort TTF Table Remote Code Execution Vulnerability
2013-05-10 00:00:00
Oracle Java GSUB TTF Table LookupCount Remote Code Execution Vulnerability
2013-05-10 00:00:00
suse
suse
Security update for Java 1.4.2 (important)
2013-06-10 18:09:23
Security update for java-1_6_0-openjdk (important)
2013-05-21 20:04:20
redhat
redhat
(RHSA-2013:0855) Important: java-1.5.0-ibm security update
2013-05-22 00:00:00
(RHSA-2015:0136) Important: java-1.5.0-ibm security update
2015-02-05 00:00:00
(RHSA-2013:0770) Important: java-1.6.0-openjdk security update
2013-04-24 00:00:00
packetstorm
packetstorm
Java Web Start Launcher Memory Corruption
2013-04-17 00:00:00
exploitdb
exploitdb
Java Web Start Launcher ActiveX Control - Memory Corruption
2013-04-18 00:00:00
centos
centos
java security update
2013-04-24 20:56:24
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2013-04-24 00:00:00
amazon
amazon
Important: java-1.6.0-openjdk
2013-04-25 20:40:00
Related for UBUNTU_USN-2522-1.NASL