CVE-2017-17484

🗓️ 10 Dec 2017 20:29:00Reported by [email protected]Type

The ucnv_UTF8FromUTF8 function in ICU for C/C++ through 60.1 mishandles ucnv_convertEx calls, allowing remote attackers to cause a denial of service or other impact

Reporter	Title	Published	Views	Family All 33
IBM Security Bulletins	Security Bulletin: IBM i is affected by multiple vulnerabilities in International Components for Unicode (ICU) option 39 [CVE-2017-14952 CVE-2011-4599 CVE-2017-17484].	31 Jul 202518:58	–	ibm
IBM Security Bulletins	Security Bulletin: IBM® Db2® is affected by multiple vulnerabilities in ICU libraries.	20 Jan 202616:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in ICU	7 Dec 202322:45	–	ibm
ATTACKERKB	CVE-2017-17484	10 Dec 201720:29	–	attackerkb
CNVD	International Components for Unicode (ICU) for C/C++ Stack Buffer Overflow Vulnerability	11 Dec 201700:00	–	cnvd
CVE	CVE-2017-17484	10 Dec 201720:00	–	cve
Cvelist	CVE-2017-17484	10 Dec 201720:00	–	cvelist
Debian CVE	CVE-2017-17484	10 Dec 201720:00	–	debiancve
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.3.0 : icu (EulerOS-SA-2019-2312)	3 Dec 201900:00	–	nessus
Tenable Nessus	openSUSE Security Update : icu (openSUSE-2018-517)	25 May 201800:00	–	nessus

NVD

Node

icu-project international_components_for_unicodeRange≤60.1c/c++

Source	Link
ssl	www.ssl.icu-project.org/trac/ticket/13490
github	www.github.com/znc/znc/issues/1459
oracle	www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
ssl	www.ssl.icu-project.org/trac/ticket/13510
ssl	www.ssl.icu-project.org/trac/attachment/ticket/13490/poc.cpp
ssl	www.ssl.icu-project.org/trac/changeset/40714
ssl	www.ssl.icu-project.org/trac/changeset/40715

13 May 2026 00:24Current

9.9High risk

Vulners AI Score9.9

CVSS 27.5

CVSS 39.8

EPSS0.04473

CWE-119

icu c++stack-based buffer overflow application crash remote attackers .