{"id": "OPENVAS:703725", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 3725-1 (icu - security update)", "description": "Several vulnerabilities were\ndiscovered in the International Components for Unicode (ICU) library.\n\nCVE-2014-9911 \nMichele Spagnuolo discovered a buffer overflow vulnerability which\nmight allow remote attackers to cause a denial of service or possibly\nexecute arbitrary code via crafted text.\n\nCVE-2015-2632 \nAn integer overflow vulnerability might lead into a denial of service\nor disclosure of portion of application memory if an attacker has\ncontrol on the input file.\n\nCVE-2015-4844 \nBuffer overflow vulnerabilities might allow an attacker with control\non the font file to perform a denial of service or,\npossibly, execute arbitrary code.\n\nCVE-2016-0494Integer signedness issues were introduced as part of the\nCVE-2015-4844 \nfix.\n\nCVE-2016-6293 \nA buffer overflow might allow an attacker to perform a denial of\nservice or disclosure of portion of application memory.\n\nCVE-2016-7415 \nA stack-based buffer overflow might allow an attacker with control on\nthe locale string to perform a denial of service and, possibly,\nexecute arbitrary code.", "published": "2016-11-27T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703725", "reporter": "Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net", "references": ["http://www.debian.org/security/2016/dsa-3725.html"], "cvelist": ["CVE-2015-2632", "CVE-2016-0494", "CVE-2014-9911", "CVE-2016-7415", "CVE-2016-6293", "CVE-2015-4844"], "lastseen": "2017-07-24T12:54:52", "viewCount": 0, "enchantments": {"score": {"value": 9.2, "vector": "NONE", "modified": "2017-07-24T12:54:52", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["EULEROS_SA-2020-1454.NASL", "PHOTONOS_PHSA-2020-2_0-0288_ICU.NASL", "GENTOO_GLSA-201701-58.NASL", "DEBIAN_DLA-744.NASL", "UBUNTU_USN-3227-1.NASL", "EULEROS_SA-2019-1969.NASL", "EULEROS_SA-2019-2594.NASL", "DEBIAN_DLA-545.NASL", "DEBIAN_DSA-3725.NASL", "EULEROS_SA-2019-1946.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220191969", "OPENVAS:1361412562310703725", "OPENVAS:1361412562311220191946", "OPENVAS:1361412562311220201454", "OPENVAS:1361412562310810141", "OPENVAS:1361412562311220192594", "OPENVAS:1361412562311220192390", "OPENVAS:1361412562310872092", "OPENVAS:1361412562310810164", "OPENVAS:1361412562310843092"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3465-1:584E2", "DEBIAN:DSA-3458-1:53966", "DEBIAN:DLA-615-1:B50E0", "DEBIAN:DLA-381-1:1D167", "DEBIAN:DLA-744-1:95F46", "DEBIAN:DLA-545-1:646D8", "DEBIAN:DSA-3725-1:7707C"]}, {"type": "ubuntu", "idList": ["USN-2884-1", "USN-2740-1", "USN-2885-1", "USN-3227-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:07FC899E9F5F58E4BEDD842E4A4820A4", "CFOUNDRY:B642D1016F9847BDB1C562D31A013349"]}, {"type": "cve", "idList": ["CVE-2016-6293", "CVE-2016-0494", "CVE-2016-7415", "CVE-2015-2632", "CVE-2015-4844", "CVE-2014-9911"]}, {"type": "gentoo", "idList": ["GLSA-201701-58"]}, {"type": "f5", "idList": ["F5:K65342329", "F5:K84947349", "SOL65342329"]}, {"type": "fedora", "idList": ["FEDORA:7D428605FC47", "FEDORA:38DA86002CFB", "FEDORA:3213A60427AB", "FEDORA:115AC6042D4F"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14704"]}, {"type": "centos", "idList": ["CESA-2016:0067"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-0067"]}, {"type": "redhat", "idList": ["RHSA-2016:0067"]}, {"type": "amazon", "idList": ["ALAS-2016-654"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1422-1"]}], "modified": "2017-07-24T12:54:52", "rev": 2}, "vulnersScore": 9.2}, "pluginID": "703725", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3725.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3725-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703725);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2014-9911\", \"CVE-2015-2632\", \"CVE-2015-4844\", \"CVE-2016-0494\",\n \"CVE-2016-6293\", \"CVE-2016-7415\");\n script_name(\"Debian Security Advisory DSA 3725-1 (icu - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-11-27 00:00:00 +0100 (Sun, 27 Nov 2016)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3725.html\");\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"icu on Debian Linux\");\n script_tag(name: \"insight\", value: \"ICU is a C++ and C library that\nprovides robust and full-featured Unicode and locale support.\");\n script_tag(name: \"solution\", value: \"For the stable distribution\n(jessie), these problems have been fixed in version 52.1-8+deb8u4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 57.1-5.\n\nWe recommend that you upgrade your icu packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were\ndiscovered in the International Components for Unicode (ICU) library.\n\nCVE-2014-9911 \nMichele Spagnuolo discovered a buffer overflow vulnerability which\nmight allow remote attackers to cause a denial of service or possibly\nexecute arbitrary code via crafted text.\n\nCVE-2015-2632 \nAn integer overflow vulnerability might lead into a denial of service\nor disclosure of portion of application memory if an attacker has\ncontrol on the input file.\n\nCVE-2015-4844 \nBuffer overflow vulnerabilities might allow an attacker with control\non the font file to perform a denial of service or,\npossibly, execute arbitrary code.\n\nCVE-2016-0494Integer signedness issues were introduced as part of the\nCVE-2015-4844 \nfix.\n\nCVE-2016-6293 \nA buffer overflow might allow an attacker to perform a denial of\nservice or disclosure of portion of application memory.\n\nCVE-2016-7415 \nA stack-based buffer overflow might allow an attacker with control on\nthe locale string to perform a denial of service and, possibly,\nexecute arbitrary code.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed\nsoftware version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"icu-devtools\", ver:\"52.1-8+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"52.1-8+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu-dev:amd64\", ver:\"52.1-8+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu-dev:i386\", ver:\"52.1-8+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libicu52:amd64\", ver:\"52.1-8+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu52:i386\", ver:\"52.1-8+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libicu52-dbg\", ver:\"52.1-8+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}

{"openvas": [{"lastseen": "2019-05-29T18:35:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2632", "CVE-2016-0494", "CVE-2014-9911", "CVE-2016-7415", "CVE-2016-6293", "CVE-2015-4844"], "description": "Several vulnerabilities were\ndiscovered in the International Components for Unicode (ICU) library.\n\nCVE-2014-9911\nMichele Spagnuolo discovered a buffer overflow vulnerability which\nmight allow remote attackers to cause a denial of service or possibly\nexecute arbitrary code via crafted text.\n\nCVE-2015-2632\nAn integer overflow vulnerability might lead into a denial of service\nor disclosure of portion of application memory if an attacker has\ncontrol on the input file.\n\nCVE-2015-4844\nBuffer overflow vulnerabilities might allow an attacker with control\non the font file to perform a denial of service or,\npossibly, execute arbitrary code.\n\nCVE-2016-0494Integer signedness issues were introduced as part of the\nCVE-2015-4844\nfix.\n\nCVE-2016-6293\nA buffer overflow might allow an attacker to perform a denial of\nservice or disclosure of portion of application memory.\n\nCVE-2016-7415\nA stack-based buffer overflow might allow an attacker with control on\nthe locale string to perform a denial of service and, possibly,\nexecute arbitrary code.", "modified": "2019-03-18T00:00:00", "published": "2016-11-27T00:00:00", "id": "OPENVAS:1361412562310703725", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703725", "type": "openvas", "title": "Debian Security Advisory DSA 3725-1 (icu - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3725.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3725-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703725\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2014-9911\", \"CVE-2015-2632\", \"CVE-2015-4844\", \"CVE-2016-0494\",\n \"CVE-2016-6293\", \"CVE-2016-7415\");\n script_name(\"Debian Security Advisory DSA 3725-1 (icu - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-27 00:00:00 +0100 (Sun, 27 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3725.html\");\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"icu on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution\n(jessie), these problems have been fixed in version 52.1-8+deb8u4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 57.1-5.\n\nWe recommend that you upgrade your icu packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were\ndiscovered in the International Components for Unicode (ICU) library.\n\nCVE-2014-9911\nMichele Spagnuolo discovered a buffer overflow vulnerability which\nmight allow remote attackers to cause a denial of service or possibly\nexecute arbitrary code via crafted text.\n\nCVE-2015-2632\nAn integer overflow vulnerability might lead into a denial of service\nor disclosure of portion of application memory if an attacker has\ncontrol on the input file.\n\nCVE-2015-4844\nBuffer overflow vulnerabilities might allow an attacker with control\non the font file to perform a denial of service or,\npossibly, execute arbitrary code.\n\nCVE-2016-0494Integer signedness issues were introduced as part of the\nCVE-2015-4844\nfix.\n\nCVE-2016-6293\nA buffer overflow might allow an attacker to perform a denial of\nservice or disclosure of portion of application memory.\n\nCVE-2016-7415\nA stack-based buffer overflow might allow an attacker with control on\nthe locale string to perform a denial of service and, possibly,\nexecute arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed\nsoftware version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"icu-devtools\", ver:\"52.1-8+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"52.1-8+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu-dev:amd64\", ver:\"52.1-8+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu-dev:i386\", ver:\"52.1-8+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libicu52:amd64\", ver:\"52.1-8+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libicu52:i386\", ver:\"52.1-8+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libicu52-dbg\", ver:\"52.1-8+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0494", "CVE-2014-9911", "CVE-2016-7415", "CVE-2016-6293", "CVE-2015-4844"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2017-03-14T00:00:00", "id": "OPENVAS:1361412562310843092", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843092", "type": "openvas", "title": "Ubuntu Update for icu USN-3227-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for icu USN-3227-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843092\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-14 05:47:56 +0100 (Tue, 14 Mar 2017)\");\n script_cve_id(\"CVE-2014-9911\", \"CVE-2015-4844\", \"CVE-2016-0494\", \"CVE-2016-6293\",\n \"CVE-2016-7415\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for icu USN-3227-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that ICU incorrectly\n handled certain memory operations when processing data. If an application using\n ICU processed crafted data, a remote attacker could possibly cause it to crash\n or potentially execute arbitrary code with the privileges of the user invoking\n the program.\");\n script_tag(name:\"affected\", value:\"icu on Ubuntu 16.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3227-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3227-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.10|12\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu52:i386\", ver:\"52.1-3ubuntu0.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libicu52:amd64\", ver:\"52.1-3ubuntu0.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu57:i386\", ver:\"57.1-4ubuntu0.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libicu57:amd64\", ver:\"57.1-4ubuntu0.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu48:i386\", ver:\"4.8.1.1-3ubuntu0.7\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libicu48:amd64\", ver:\"4.8.1.1-3ubuntu0.7\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libicu55:i386\", ver:\"55.1-7ubuntu0.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libicu55:amd64\", ver:\"55.1-7ubuntu0.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:36:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2017-7867", "CVE-2014-9654", "CVE-2016-0494", "CVE-2016-7415", "CVE-2016-6293", "CVE-2017-7868", "CVE-2015-4844"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191969", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191969", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-1969)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1969\");\n script_version(\"2020-01-23T12:28:48+0000\");\n script_cve_id(\"CVE-2014-9654\", \"CVE-2015-4844\", \"CVE-2016-0494\", \"CVE-2016-6293\", \"CVE-2016-7415\", \"CVE-2017-7867\", \"CVE-2017-7868\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:28:48 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:28:48 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-1969)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1969\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1969\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'icu' package(s) announced via the EulerOS-SA-2019-1969 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2016-0494)\n\nUnspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2015-4844)\n\nStack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.(CVE-2016-7415)\n\nThe uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.(CVE-2016-6293)\n\nThe Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.(CVE-2014-9654)\n\nInternational Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.(CVE-2017-7868)\n\nA vulnerability was found in the International Components for Unicode (ICU). Specially crafted invalid utf-8 text, when parsed or manipulated using particular functions in libicu, could cause out-of-bounds heap reads and writes potentially leading to a crash, memory disclosure, or possibly code execution.(CVE-2017-7867)\");\n\n script_tag(name:\"affected\", value:\"'icu' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libicu\", rpm:\"libicu~50.1.2~15.h5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~50.1.2~15.h5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:37:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0494", "CVE-2015-4844"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191946", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191946", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-1946)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1946\");\n script_version(\"2020-01-23T12:28:15+0000\");\n script_cve_id(\"CVE-2015-4844\", \"CVE-2016-0494\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:28:15 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:28:15 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-1946)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1946\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1946\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'icu' package(s) announced via the EulerOS-SA-2019-1946 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2016-0494)\n\n\nUnspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2015-4844)\");\n\n script_tag(name:\"affected\", value:\"'icu' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libicu\", rpm:\"libicu~50.1.2~15.h4\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-17T17:01:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2017-7867", "CVE-2014-7940", "CVE-2014-9654", "CVE-2017-15422", "CVE-2016-0494", "CVE-2016-7415", "CVE-2016-6293", "CVE-2014-7926", "CVE-2017-7868", "CVE-2015-4844"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-04-16T00:00:00", "published": "2020-04-16T00:00:00", "id": "OPENVAS:1361412562311220201454", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201454", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2020-1454)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1454\");\n script_version(\"2020-04-16T05:55:19+0000\");\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-7940\", \"CVE-2014-9654\", \"CVE-2015-4844\", \"CVE-2016-0494\", \"CVE-2016-6293\", \"CVE-2016-7415\", \"CVE-2017-15422\", \"CVE-2017-7867\", \"CVE-2017-7868\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-16 05:55:19 +0000 (Thu, 16 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-16 05:55:19 +0000 (Thu, 16 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2020-1454)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1454\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1454\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'icu' package(s) announced via the EulerOS-SA-2020-1454 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2016-0494)\n\nUnspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2015-4844)\n\nInternational Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.(CVE-2017-7868)\n\nInternational Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.(CVE-2017-7867)\n\nThe Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.(CVE-2014-9654)\n\nStack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.(CVE-2016-7415)\n\nThe uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.(CVE-2016-6293)\n\nThe collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence.(CVE-2014-7940)\n\nThe Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Goog ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'icu' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libicu\", rpm:\"libicu~50.1.2~15.h7.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:37:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2017-7867", "CVE-2014-9654", "CVE-2016-7415", "CVE-2016-6293", "CVE-2014-7926", "CVE-2017-7868", "CVE-2015-4844"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192594", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192594", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-2594)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2594\");\n script_version(\"2020-01-23T13:07:54+0000\");\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-9654\", \"CVE-2015-4844\", \"CVE-2016-6293\", \"CVE-2016-7415\", \"CVE-2017-7867\", \"CVE-2017-7868\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:07:54 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:07:54 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-2594)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2594\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2594\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'icu' package(s) announced via the EulerOS-SA-2019-2594 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.(CVE-2017-7868)\n\nInternational Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.(CVE-2017-7867)\n\nStack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.(CVE-2016-7415)\n\nThe Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.(CVE-2014-7923)\n\nThe Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.(CVE-2014-7926)\n\nThe Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.(CVE-2014-9654)\n\nThe uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.(CVE-2016-6293)\n\nUnspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2015-4844)\");\n\n script_tag(name:\"affected\", value:\"'icu' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libicu\", rpm:\"libicu~50.1.2~15.h5\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~50.1.2~15.h5\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:32:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2017-7867", "CVE-2014-7940", "CVE-2014-9654", "CVE-2017-15422", "CVE-2016-7415", "CVE-2016-6293", "CVE-2014-7926", "CVE-2017-7868", "CVE-2015-4844"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192390", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192390", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-2390)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2390\");\n script_version(\"2020-01-23T12:53:01+0000\");\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-7940\", \"CVE-2014-9654\", \"CVE-2015-4844\", \"CVE-2016-6293\", \"CVE-2016-7415\", \"CVE-2017-15422\", \"CVE-2017-7867\", \"CVE-2017-7868\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:53:01 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:53:01 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-2390)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2390\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2390\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'icu' package(s) announced via the EulerOS-SA-2019-2390 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.(CVE-2016-7415)\n\nInteger overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.(CVE-2017-15422)\n\nThe Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.(CVE-2014-7923)\n\nThe Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.(CVE-2014-7926)\n\nThe collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence.(CVE-2014-7940)\n\nThe Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.(CVE-2014-9654)\n\nUnspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2015-4844)\n\nThe uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a cal ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'icu' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libicu\", rpm:\"libicu~50.1.2~15.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libicu-devel\", rpm:\"libicu-devel~50.1.2~15.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7415"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-07T00:00:00", "id": "OPENVAS:1361412562310872092", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872092", "type": "openvas", "title": "Fedora Update for icu FEDORA-2016-db6ea7f449", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for icu FEDORA-2016-db6ea7f449\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872092\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:27:12 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-7415\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for icu FEDORA-2016-db6ea7f449\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"icu on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-db6ea7f449\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36ZJJA5K4YA4PHI2LIGOXP5AXMUQJYS2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~57.1~4.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7415"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-02T00:00:00", "id": "OPENVAS:1361412562310810141", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810141", "type": "openvas", "title": "Fedora Update for icu FEDORA-2016-a0dc2c43d0", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for icu FEDORA-2016-a0dc2c43d0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810141\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:06:37 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-7415\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for icu FEDORA-2016-a0dc2c43d0\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"icu on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-a0dc2c43d0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAJGWQ3FEZJMVTFPJHKJJPCUKMX7XBTX\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~56.1~7.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6293"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-02T00:00:00", "id": "OPENVAS:1361412562310810164", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810164", "type": "openvas", "title": "Fedora Update for icu FEDORA-2016-a2b9adcd5c", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for icu FEDORA-2016-a2b9adcd5c\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810164\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:07:09 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-6293\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for icu FEDORA-2016-a2b9adcd5c\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'icu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"icu on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-a2b9adcd5c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N5D3D3SMROFJK5SWHLBT6D26GRCTLZW\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"icu\", rpm:\"icu~56.1~5.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T09:49:53", "description": "Several vulnerabilities were discovered in the International\nComponents for Unicode (ICU) library.\n\n - CVE-2014-9911\n Michele Spagnuolo discovered a buffer overflow\n vulnerability which might allow remote attackers to\n cause a denial of service or possibly execute arbitrary\n code via crafted text.\n\n - CVE-2015-2632\n An integer overflow vulnerability might lead into a\n denial of service or disclosure of portion of\n application memory if an attacker has control on the\n input file.\n\n - CVE-2015-4844\n Buffer overflow vulnerabilities might allow an attacker\n with control on the font file to perform a denial of\n service or, possibly, execute arbitrary code.\n\n - CVE-2016-0494\n Integer signedness issues were introduced as part of the\n CVE-2015-4844 fix.\n\n - CVE-2016-6293\n A buffer overflow might allow an attacker to perform a\n denial of service or disclosure of portion of\n application memory.\n\n - CVE-2016-7415\n A stack-based buffer overflow might allow an attacker\n with control on the locale string to perform a denial of\n service and, possibly, execute arbitrary code.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-28T00:00:00", "title": "Debian DSA-3725-1 : icu - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2632", "CVE-2016-0494", "CVE-2014-9911", "CVE-2016-7415", "CVE-2016-6293", "CVE-2015-4844"], "modified": "2016-11-28T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:icu", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3725.NASL", "href": "https://www.tenable.com/plugins/nessus/95361", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3725. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95361);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-9911\", \"CVE-2015-2632\", \"CVE-2015-4844\", \"CVE-2016-0494\", \"CVE-2016-6293\", \"CVE-2016-7415\");\n script_xref(name:\"DSA\", value:\"3725\");\n\n script_name(english:\"Debian DSA-3725-1 : icu - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in the International\nComponents for Unicode (ICU) library.\n\n - CVE-2014-9911\n Michele Spagnuolo discovered a buffer overflow\n vulnerability which might allow remote attackers to\n cause a denial of service or possibly execute arbitrary\n code via crafted text.\n\n - CVE-2015-2632\n An integer overflow vulnerability might lead into a\n denial of service or disclosure of portion of\n application memory if an attacker has control on the\n input file.\n\n - CVE-2015-4844\n Buffer overflow vulnerabilities might allow an attacker\n with control on the font file to perform a denial of\n service or, possibly, execute arbitrary code.\n\n - CVE-2016-0494\n Integer signedness issues were introduced as part of the\n CVE-2015-4844 fix.\n\n - CVE-2016-6293\n A buffer overflow might allow an attacker to perform a\n denial of service or disclosure of portion of\n application memory.\n\n - CVE-2016-7415\n A stack-based buffer overflow might allow an attacker\n with control on the locale string to perform a denial of\n service and, possibly, execute arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-2632\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-4844\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-0494\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-4844\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-6293\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-7415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/icu\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3725\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the icu packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 52.1-8+deb8u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"icu-devtools\", reference:\"52.1-8+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icu-doc\", reference:\"52.1-8+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libicu-dev\", reference:\"52.1-8+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libicu52\", reference:\"52.1-8+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libicu52-dbg\", reference:\"52.1-8+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:44:44", "description": "It was discovered that ICU incorrectly handled certain memory\noperations when processing data. If an application using ICU processed\ncrafted data, a remote attacker could possibly cause it to crash or\npotentially execute arbitrary code with the privileges of the user\ninvoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-03-14T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : icu vulnerabilities (USN-3227-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0494", "CVE-2014-9911", "CVE-2016-7415", "CVE-2016-6293", "CVE-2015-4844"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "p-cpe:/a:canonical:ubuntu_linux:libicu57", "p-cpe:/a:canonical:ubuntu_linux:libicu48", "p-cpe:/a:canonical:ubuntu_linux:libicu55", "cpe:/o:canonical:ubuntu_linux:16.10", "p-cpe:/a:canonical:ubuntu_linux:libicu52", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3227-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97720", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3227-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97720);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2014-9911\", \"CVE-2015-4844\", \"CVE-2016-0494\", \"CVE-2016-6293\", \"CVE-2016-7415\");\n script_xref(name:\"USN\", value:\"3227-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : icu vulnerabilities (USN-3227-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that ICU incorrectly handled certain memory\noperations when processing data. If an application using ICU processed\ncrafted data, a remote attacker could possibly cause it to crash or\npotentially execute arbitrary code with the privileges of the user\ninvoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3227-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libicu48\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libicu52\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libicu55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libicu57\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04|16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04 / 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libicu48\", pkgver:\"4.8.1.1-3ubuntu0.7\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libicu52\", pkgver:\"52.1-3ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libicu55\", pkgver:\"55.1-7ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libicu57\", pkgver:\"57.1-4ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libicu48 / libicu52 / libicu55 / libicu57\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:05:45", "description": "The remote host is affected by the vulnerability described in GLSA-201701-58\n(ICU: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ICU. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n Remote attackers could cause a Denial of Service condition or possibly\n have other unspecified impacts via a long locale string or\n httpAcceptLanguage argument. Additionally, A remote attacker, via a\n specially crafted file, could cause an application using ICU to parse\n untrusted font files resulting in a Denial of Service condition.\n Finally, remote attackers could affect confidentiality via unknown\n vectors related to 2D.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 23, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-25T00:00:00", "title": "GLSA-201701-58 : ICU: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2632", "CVE-2016-7415", "CVE-2016-6293"], "modified": "2017-01-25T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:icu"], "id": "GENTOO_GLSA-201701-58.NASL", "href": "https://www.tenable.com/plugins/nessus/96744", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201701-58.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96744);\n script_version(\"3.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-2632\", \"CVE-2016-6293\", \"CVE-2016-7415\");\n script_xref(name:\"GLSA\", value:\"201701-58\");\n\n script_name(english:\"GLSA-201701-58 : ICU: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201701-58\n(ICU: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ICU. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n Remote attackers could cause a Denial of Service condition or possibly\n have other unspecified impacts via a long locale string or\n httpAcceptLanguage argument. Additionally, A remote attacker, via a\n specially crafted file, could cause an application using ICU to parse\n untrusted font files resulting in a Denial of Service condition.\n Finally, remote attackers could affect confidentiality via unknown\n vectors related to 2D.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201701-58\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ICU users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/icu-58.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/icu\", unaffected:make_list(\"ge 58.1\"), vulnerable:make_list(\"lt 58.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ICU\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-16T05:03:48", "description": "An update of the icu package has been released.", "edition": 2, "cvss3": {}, "published": "2020-10-14T00:00:00", "title": "Photon OS 2.0: Icu PHSA-2020-2.0-0288", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-17484", "CVE-2016-0494", "CVE-2016-7415", "CVE-2016-6293", "CVE-2015-4844", "CVE-2017-14952"], "modified": "2020-10-14T00:00:00", "cpe": ["cpe:/o:vmware:photonos:2.0", "p-cpe:/a:vmware:photonos:icu"], "id": "PHOTONOS_PHSA-2020-2_0-0288_ICU.NASL", "href": "https://www.tenable.com/plugins/nessus/141442", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-2.0-0288. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141442);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/15\");\n\n script_cve_id(\n \"CVE-2015-4844\",\n \"CVE-2016-0494\",\n \"CVE-2016-6293\",\n \"CVE-2016-7415\",\n \"CVE-2017-14952\",\n \"CVE-2017-17484\"\n );\n script_bugtraq_id(\n 77164,\n 92127,\n 93022,\n 107921,\n 107987\n );\n\n script_name(english:\"Photon OS 2.0: Icu PHSA-2020-2.0-0288\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the icu package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-288.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-0494\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 2.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nflag = 0;\n\nif (rpm_check(release:'PhotonOS-2.0', cpu:'x86_64', reference:'icu-67.1-1.ph2')) flag++;\nif (rpm_check(release:'PhotonOS-2.0', cpu:'x86_64', reference:'icu-devel-67.1-1.ph2')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'icu');\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:43:53", "description": "Several security issues have been identified and corrected in ICU, the\nInternational Components for Unicode C and C++ library, in Debian\nWheezy.\n\nCVE-2015-2632\n\nBuffer overflow vulnerability.\n\nCVE-2015-4844\n\nBuffer overflow vulnerability.\n\nCVE-2016-0494\n\nInteger signedness/overflow vulnerability.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n4.8.1.1-12+deb7u4.\n\nWe recommend that you upgrade your icu packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 16, "published": "2016-07-08T00:00:00", "title": "Debian DLA-545-1 : icu security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2632", "CVE-2016-0494", "CVE-2015-4844"], "modified": "2016-07-08T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:icu-doc", "p-cpe:/a:debian:debian_linux:libicu48-dbg", "p-cpe:/a:debian:debian_linux:libicu-dev", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:libicu48"], "id": "DEBIAN_DLA-545.NASL", "href": "https://www.tenable.com/plugins/nessus/91978", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-545-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91978);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-2632\", \"CVE-2015-4844\", \"CVE-2016-0494\");\n script_bugtraq_id(75861);\n\n script_name(english:\"Debian DLA-545-1 : icu security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security issues have been identified and corrected in ICU, the\nInternational Components for Unicode C and C++ library, in Debian\nWheezy.\n\nCVE-2015-2632\n\nBuffer overflow vulnerability.\n\nCVE-2015-4844\n\nBuffer overflow vulnerability.\n\nCVE-2016-0494\n\nInteger signedness/overflow vulnerability.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n4.8.1.1-12+deb7u4.\n\nWe recommend that you upgrade your icu packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/07/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/icu\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libicu-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libicu48\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libicu48-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"icu-doc\", reference:\"4.8.1.1-12+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libicu-dev\", reference:\"4.8.1.1-12+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libicu48\", reference:\"4.8.1.1-12+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libicu48-dbg\", reference:\"4.8.1.1-12+deb7u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:44:08", "description": "Brief introduction \n\nCVE-2014-9911\n\nMichele Spagnuolo discovered a buffer overflow vulnerability which\nmight allow remote attackers to cause a denial of service or possibly\nexecute arbitrary code via crafted text.\n\nCVE-2016-7415\n\nA stack-based buffer overflow might allow an attacker with control of\nthe locale string to perform a denial of service and, possibly,\nexecute arbitrary code.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n4.8.1.1-12+deb7u6.\n\nWe recommend that you upgrade your icu packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 17, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-20T00:00:00", "title": "Debian DLA-744-1 : icu security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9911", "CVE-2016-7415"], "modified": "2016-12-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:icu-doc", "p-cpe:/a:debian:debian_linux:libicu48-dbg", "p-cpe:/a:debian:debian_linux:libicu-dev", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:libicu48"], "id": "DEBIAN_DLA-744.NASL", "href": "https://www.tenable.com/plugins/nessus/96005", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-744-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96005);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-9911\", \"CVE-2016-7415\");\n\n script_name(english:\"Debian DLA-744-1 : icu security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Brief introduction \n\nCVE-2014-9911\n\nMichele Spagnuolo discovered a buffer overflow vulnerability which\nmight allow remote attackers to cause a denial of service or possibly\nexecute arbitrary code via crafted text.\n\nCVE-2016-7415\n\nA stack-based buffer overflow might allow an attacker with control of\nthe locale string to perform a denial of service and, possibly,\nexecute arbitrary code.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n4.8.1.1-12+deb7u6.\n\nWe recommend that you upgrade your icu packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/12/msg00019.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/icu\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libicu-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libicu48\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libicu48-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"icu-doc\", reference:\"4.8.1.1-12+deb7u6\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libicu-dev\", reference:\"4.8.1.1-12+deb7u6\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libicu48\", reference:\"4.8.1.1-12+deb7u6\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libicu48-dbg\", reference:\"4.8.1.1-12+deb7u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T08:59:18", "description": "According to the versions of the icu packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - Unspecified vulnerability in the Java SE and Java SE\n Embedded components in Oracle Java SE 6u105, 7u91, and\n 8u66 and Java SE Embedded 8u65 allows remote attackers\n to affect confidentiality, integrity, and availability\n via unknown vectors related to 2D.(CVE-2016-0494)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\n - Stack-based buffer overflow in the Locale class in\n common/locid.cpp in International Components for\n Unicode (ICU) through 57.1 for C/C++ allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long locale string.(CVE-2016-7415)\n\n - The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode\n (ICU) through 57.1 for C/C++ does not ensure that there\n is a '\\0' character at the end of a certain temporary\n array, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument.(CVE-2016-6293)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) for C/C++ before\n 2014-12-03, as used in Google Chrome before\n 40.0.2214.91, calculates certain values without\n ensuring that they can be represented in a 24-bit\n field, which allows remote attackers to cause a denial\n of service (memory corruption) or possibly have\n unspecified other impact via a crafted string, a\n related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function.(CVE-2017-7868)\n\n - A vulnerability was found in the International\n Components for Unicode (ICU). Specially crafted invalid\n utf-8 text, when parsed or manipulated using particular\n functions in libicu, could cause out-of-bounds heap\n reads and writes potentially leading to a crash, memory\n disclosure, or possibly code execution.(CVE-2017-7867)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-09-23T00:00:00", "title": "EulerOS 2.0 SP5 : icu (EulerOS-SA-2019-1969)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2017-7867", "CVE-2014-9654", "CVE-2016-0494", "CVE-2016-7415", "CVE-2016-6293", "CVE-2017-7868", "CVE-2015-4844"], "modified": "2019-09-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libicu", "p-cpe:/a:huawei:euleros:libicu-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1969.NASL", "href": "https://www.tenable.com/plugins/nessus/129126", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129126);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2014-9654\",\n \"CVE-2015-4844\",\n \"CVE-2016-0494\",\n \"CVE-2016-6293\",\n \"CVE-2016-7415\",\n \"CVE-2017-7867\",\n \"CVE-2017-7868\"\n );\n script_bugtraq_id(\n 72980\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : icu (EulerOS-SA-2019-1969)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the icu packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - Unspecified vulnerability in the Java SE and Java SE\n Embedded components in Oracle Java SE 6u105, 7u91, and\n 8u66 and Java SE Embedded 8u65 allows remote attackers\n to affect confidentiality, integrity, and availability\n via unknown vectors related to 2D.(CVE-2016-0494)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\n - Stack-based buffer overflow in the Locale class in\n common/locid.cpp in International Components for\n Unicode (ICU) through 57.1 for C/C++ allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long locale string.(CVE-2016-7415)\n\n - The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode\n (ICU) through 57.1 for C/C++ does not ensure that there\n is a '\\0' character at the end of a certain temporary\n array, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument.(CVE-2016-6293)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) for C/C++ before\n 2014-12-03, as used in Google Chrome before\n 40.0.2214.91, calculates certain values without\n ensuring that they can be represented in a 24-bit\n field, which allows remote attackers to cause a denial\n of service (memory corruption) or possibly have\n unspecified other impact via a crafted string, a\n related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function.(CVE-2017-7868)\n\n - A vulnerability was found in the International\n Components for Unicode (ICU). Specially crafted invalid\n utf-8 text, when parsed or manipulated using particular\n functions in libicu, could cause out-of-bounds heap\n reads and writes potentially leading to a crash, memory\n disclosure, or possibly code execution.(CVE-2017-7867)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1969\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6b8c289e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected icu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libicu-50.1.2-15.h5.eulerosv2r7\",\n \"libicu-devel-50.1.2-15.h5.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T08:59:15", "description": "According to the versions of the icu package installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - Unspecified vulnerability in the Java SE and Java SE\n Embedded components in Oracle Java SE 6u105, 7u91, and\n 8u66 and Java SE Embedded 8u65 allows remote attackers\n to affect confidentiality, integrity, and availability\n via unknown vectors related to 2D.(CVE-2016-0494)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "published": "2019-09-17T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : icu (EulerOS-SA-2019-1946)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0494", "CVE-2015-4844"], "modified": "2019-09-17T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:3.0.2.0", "p-cpe:/a:huawei:euleros:libicu"], "id": "EULEROS_SA-2019-1946.NASL", "href": "https://www.tenable.com/plugins/nessus/128949", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128949);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2015-4844\",\n \"CVE-2016-0494\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : icu (EulerOS-SA-2019-1946)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the icu package installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - Unspecified vulnerability in the Java SE and Java SE\n Embedded components in Oracle Java SE 6u105, 7u91, and\n 8u66 and Java SE Embedded 8u65 allows remote attackers\n to affect confidentiality, integrity, and availability\n via unknown vectors related to 2D.(CVE-2016-0494)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1946\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?82a6dbe9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected icu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libicu-50.1.2-15.h4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T09:03:51", "description": "According to the versions of the icu package installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - Unspecified vulnerability in the Java SE and Java SE\n Embedded components in Oracle Java SE 6u105, 7u91, and\n 8u66 and Java SE Embedded 8u65 allows remote attackers\n to affect confidentiality, integrity, and availability\n via unknown vectors related to 2D.(CVE-2016-0494)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function.(CVE-2017-7868)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_setNativeIndex* function.(CVE-2017-7867)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) for C/C++ before\n 2014-12-03, as used in Google Chrome before\n 40.0.2214.91, calculates certain values without\n ensuring that they can be represented in a 24-bit\n field, which allows remote attackers to cause a denial\n of service (memory corruption) or possibly have\n unspecified other impact via a crafted string, a\n related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - Stack-based buffer overflow in the Locale class in\n common/locid.cpp in International Components for\n Unicode (ICU) through 57.1 for C/C++ allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long locale string.(CVE-2016-7415)\n\n - The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode\n (ICU) through 57.1 for C/C++ does not ensure that there\n is a '\\0' character at the end of a certain temporary\n array, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument.(CVE-2016-6293)\n\n - The collator implementation in i18n/ucol.cpp in\n International Components for Unicode (ICU) 52 through\n SVN revision 293126, as used in Google Chrome before\n 40.0.2214.91, does not initialize memory for a data\n structure, which allows remote attackers to cause a\n denial of service or possibly have unspecified other\n impact via a crafted character sequence.(CVE-2014-7940)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a zero-length\n quantifier.(CVE-2014-7926)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a look-behind\n expression.(CVE-2014-7923)\n\n - Integer overflow in international date handling in\n International Components for Unicode (ICU) for C/C++\n before 60.1, as used in V8 in Google Chrome prior to\n 63.0.3239.84 and other products, allowed a remote\n attacker to perform an out of bounds memory read via a\n crafted HTML page.(CVE-2017-15422)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-04-16T00:00:00", "title": "EulerOS Virtualization 3.0.2.2 : icu (EulerOS-SA-2020-1454)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2017-7867", "CVE-2014-7940", "CVE-2014-9654", "CVE-2017-15422", "CVE-2016-0494", "CVE-2016-7415", "CVE-2016-6293", "CVE-2014-7926", "CVE-2017-7868", "CVE-2015-4844"], "modified": "2020-04-16T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:3.0.2.2", "p-cpe:/a:huawei:euleros:libicu"], "id": "EULEROS_SA-2020-1454.NASL", "href": "https://www.tenable.com/plugins/nessus/135616", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135616);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2014-7923\",\n \"CVE-2014-7926\",\n \"CVE-2014-7940\",\n \"CVE-2014-9654\",\n \"CVE-2015-4844\",\n \"CVE-2016-0494\",\n \"CVE-2016-6293\",\n \"CVE-2016-7415\",\n \"CVE-2017-15422\",\n \"CVE-2017-7867\",\n \"CVE-2017-7868\"\n );\n script_bugtraq_id(\n 72288,\n 72980\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : icu (EulerOS-SA-2020-1454)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the icu package installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - Unspecified vulnerability in the Java SE and Java SE\n Embedded components in Oracle Java SE 6u105, 7u91, and\n 8u66 and Java SE Embedded 8u65 allows remote attackers\n to affect confidentiality, integrity, and availability\n via unknown vectors related to 2D.(CVE-2016-0494)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function.(CVE-2017-7868)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_setNativeIndex* function.(CVE-2017-7867)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) for C/C++ before\n 2014-12-03, as used in Google Chrome before\n 40.0.2214.91, calculates certain values without\n ensuring that they can be represented in a 24-bit\n field, which allows remote attackers to cause a denial\n of service (memory corruption) or possibly have\n unspecified other impact via a crafted string, a\n related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - Stack-based buffer overflow in the Locale class in\n common/locid.cpp in International Components for\n Unicode (ICU) through 57.1 for C/C++ allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long locale string.(CVE-2016-7415)\n\n - The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode\n (ICU) through 57.1 for C/C++ does not ensure that there\n is a '\\0' character at the end of a certain temporary\n array, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument.(CVE-2016-6293)\n\n - The collator implementation in i18n/ucol.cpp in\n International Components for Unicode (ICU) 52 through\n SVN revision 293126, as used in Google Chrome before\n 40.0.2214.91, does not initialize memory for a data\n structure, which allows remote attackers to cause a\n denial of service or possibly have unspecified other\n impact via a crafted character sequence.(CVE-2014-7940)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a zero-length\n quantifier.(CVE-2014-7926)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a look-behind\n expression.(CVE-2014-7923)\n\n - Integer overflow in international date handling in\n International Components for Unicode (ICU) for C/C++\n before 60.1, as used in V8 in Google Chrome prior to\n 63.0.3239.84 and other products, allowed a remote\n attacker to perform an out of bounds memory read via a\n crafted HTML page.(CVE-2017-15422)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1454\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ad5439c0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected icu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libicu-50.1.2-15.h7.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T09:01:29", "description": "According to the versions of the icu packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function.(CVE-2017-7868)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_setNativeIndex* function.(CVE-2017-7867)\n\n - Stack-based buffer overflow in the Locale class in\n common/locid.cpp in International Components for\n Unicode (ICU) through 57.1 for C/C++ allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long locale string.(CVE-2016-7415)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a look-behind\n expression.(CVE-2014-7923)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a zero-length\n quantifier.(CVE-2014-7926)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) for C/C++ before\n 2014-12-03, as used in Google Chrome before\n 40.0.2214.91, calculates certain values without\n ensuring that they can be represented in a 24-bit\n field, which allows remote attackers to cause a denial\n of service (memory corruption) or possibly have\n unspecified other impact via a crafted string, a\n related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode\n (ICU) through 57.1 for C/C++ does not ensure that there\n is a '\\0' character at the end of a certain temporary\n array, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument.(CVE-2016-6293)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 12, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-18T00:00:00", "title": "EulerOS 2.0 SP3 : icu (EulerOS-SA-2019-2594)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2017-7867", "CVE-2014-9654", "CVE-2016-7415", "CVE-2016-6293", "CVE-2014-7926", "CVE-2017-7868", "CVE-2015-4844"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libicu", "p-cpe:/a:huawei:euleros:libicu-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2594.NASL", "href": "https://www.tenable.com/plugins/nessus/132129", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132129);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2014-7923\",\n \"CVE-2014-7926\",\n \"CVE-2014-9654\",\n \"CVE-2015-4844\",\n \"CVE-2016-6293\",\n \"CVE-2016-7415\",\n \"CVE-2017-7867\",\n \"CVE-2017-7868\"\n );\n script_bugtraq_id(\n 72288,\n 72980\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : icu (EulerOS-SA-2019-2594)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the icu packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function.(CVE-2017-7868)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_setNativeIndex* function.(CVE-2017-7867)\n\n - Stack-based buffer overflow in the Locale class in\n common/locid.cpp in International Components for\n Unicode (ICU) through 57.1 for C/C++ allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long locale string.(CVE-2016-7415)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a look-behind\n expression.(CVE-2014-7923)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a zero-length\n quantifier.(CVE-2014-7926)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) for C/C++ before\n 2014-12-03, as used in Google Chrome before\n 40.0.2214.91, calculates certain values without\n ensuring that they can be represented in a 24-bit\n field, which allows remote attackers to cause a denial\n of service (memory corruption) or possibly have\n unspecified other impact via a crafted string, a\n related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode\n (ICU) through 57.1 for C/C++ does not ensure that there\n is a '\\0' character at the end of a certain temporary\n array, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument.(CVE-2016-6293)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2594\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?57a73d45\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected icu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libicu-50.1.2-15.h5\",\n \"libicu-devel-50.1.2-15.h5\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-08-12T01:02:33", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2632", "CVE-2016-0494", "CVE-2014-9911", "CVE-2016-7415", "CVE-2016-6293", "CVE-2015-4844"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3725-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nNovember 27, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : icu\nCVE ID : CVE-2014-9911 CVE-2015-2632 CVE-2015-4844 CVE-2016-0494 \n CVE-2016-6293 CVE-2016-7415\nDebian Bug : 838694\n\nSeveral vulnerabilities were discovered in the International Components\nfor Unicode (ICU) library.\n\nCVE-2014-9911\n\n Michele Spagnuolo discovered a buffer overflow vulnerability which\n might allow remote attackers to cause a denial of service or possibly\n execute arbitrary code via crafted text.\n\nCVE-2015-2632\n\n An integer overflow vulnerability might lead into a denial of service\n or disclosure of portion of application memory if an attacker has\n control on the input file.\n\nCVE-2015-4844\n\n Buffer overflow vulnerabilities might allow an attacker with control\n on the font file to perform a denial of service attacker or,\n possibly, execute arbitrary code.\n\nCVE-2016-0494\n\n Integer signedness issues were introduced as part of the\n CVE-2015-4844 fix.\n\nCVE-2016-6293\n\n A buffer overflow might allow an attacker to perform a denial of\n service or disclosure of portion of application memory.\n\nCVE-2016-7415\n\n A stack-based buffer overflow might allow an attacker with control on\n the locale string to perform a denial of service and, possibly,\n execute arbitrary code.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 52.1-8+deb8u4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 57.1-5.\n\nWe recommend that you upgrade your icu packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2016-11-27T17:40:16", "published": "2016-11-27T17:40:16", "id": "DEBIAN:DSA-3725-1:7707C", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00309.html", "title": "[SECURITY] [DSA 3725-1] icu security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:21:49", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2632", "CVE-2016-0494", "CVE-2015-4844"], "description": "Package : icu\nVersion : 4.8.1.1-12+deb7u4\nCVE ID : CVE-2015-2632 CVE-2015-4844 CVE-2016-0494\n\n\nSeveral security issues have been identified and corrected in ICU, the\nInternational Components for Unicode C and C++ library, in Debian Wheezy.\n\nCVE-2015-2632\n\n Buffer overflow vulnerability.\n\nCVE-2015-4844\n\n Buffer overflow vulnerability.\n\nCVE-2016-0494\n\n Integer signedness/overflow vulnerability.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n4.8.1.1-12+deb7u4.\n\nWe recommend that you upgrade your icu packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2016-07-07T17:36:44", "published": "2016-07-07T17:36:44", "id": "DEBIAN:DLA-545-1:646D8", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201607/msg00006.html", "title": "[SECURITY] [DLA 545-1] icu security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:23:11", "bulletinFamily": "unix", "cvelist": ["CVE-2014-9911", "CVE-2016-7415"], "description": "Package : icu\nVersion : 4.8.1.1-12+deb7u6\nCVE ID : CVE-2014-9911 CVE-2016-7415\nDebian Bug : 838694\n\n\nBrief introduction \n\nCVE-2014-9911\n\n Michele Spagnuolo discovered a buffer overflow vulnerability which\n might allow remote attackers to cause a denial of service or possibly\n execute arbitrary code via crafted text.\n\nCVE-2016-7415\n\n A stack-based buffer overflow might allow an attacker with control of\n the locale string to perform a denial of service and, possibly,\n execute arbitrary code.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n4.8.1.1-12+deb7u6.\n\nWe recommend that you upgrade your icu packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2016-12-16T12:57:30", "published": "2016-12-16T12:57:30", "id": "DEBIAN:DLA-744-1:95F46", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201612/msg00019.html", "title": "[SECURITY] [DLA 744-1] icu security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:21:27", "bulletinFamily": "unix", "cvelist": ["CVE-2016-6293"], "description": "Package : icu\nVersion : 4.8.1.1-12+deb7u5\nCVE ID : CVE-2016-6293\n\n\nThis update fixes a buffer overflow in the uloc_acceptLanguageFromHTTP\nfunction in ICU, the International Components for Unicode C and C++\nlibrary, in Debian Wheezy\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n4.8.1.1-12+deb7u5.\n\nWe recommend that you upgrade your icu packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2016-09-08T13:53:54", "published": "2016-09-08T13:53:54", "id": "DEBIAN:DLA-615-1:B50E0", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201609/msg00007.html", "title": "[SECURITY] [DLA 615-1] icu security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-11T13:21:59", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2632"], "description": "Package : icu\nVersion : 4.4.1-8+squeeze5\nCVE ID : CVE-2015-2632\n\nA vulnerability was found in ICU, a set of libraries that provides Unicode and\ninternationalization support. Integer overflows in the ICU layout engine made\nit possible to disclose information.\n\nFor Debian 6 &quot;Squeeze&quot;, this problem has been fixed in icu version\n4.4.1-8+squeeze5. We recommend you to upgrade your icu packages.\n\nLearn more about the Debian Long Term Support (LTS) Project and how to\napply these updates at: https://wiki.debian.org/LTS/\n", "edition": 3, "modified": "2016-01-11T08:42:53", "published": "2016-01-11T08:42:53", "id": "DEBIAN:DLA-381-1:1D167", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201601/msg00006.html", "title": "[SECURITY] [DLA 381-1] icu security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-08-12T00:51:39", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3458-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 27, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjdk-7\nCVE ID : CVE-2015-7575 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 \n CVE-2016-0483 CVE-2016-0494\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in breakouts of\nthe Java sandbox, information disclosur, denial of service and insecure\ncryptography.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 7u95-2.6.4-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 7u95-2.6.4-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7u95-2.6.4-1.\n\nWe recommend that you upgrade your openjdk-7 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 11, "modified": "2016-01-27T21:01:10", "published": "2016-01-27T21:01:10", "id": "DEBIAN:DSA-3458-1:53966", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00028.html", "title": "[SECURITY] [DSA 3458-1] openjdk-7 security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:21:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3465-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 02, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjdk-6\nCVE ID : CVE-2015-7575 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 \n CVE-2016-0483 CVE-2016-0494\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in breakouts of\nthe Java sandbox, information disclosur, denial of service and insecure\ncryptography.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 6b38-1.13.10-1~deb7u1.\n\nWe recommend that you upgrade your openjdk-6 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2016-02-02T21:32:31", "published": "2016-02-02T21:32:31", "id": "DEBIAN:DSA-3465-1:584E2", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00035.html", "title": "[SECURITY] [DSA 3465-1] openjdk-6 security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:39:18", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0494", "CVE-2014-9911", "CVE-2016-7415", "CVE-2016-6293", "CVE-2015-4844"], "description": "It was discovered that ICU incorrectly handled certain memory operations \nwhen processing data. If an application using ICU processed crafted data, \na remote attacker could possibly cause it to crash or potentially execute \narbitrary code with the privileges of the user invoking the program.", "edition": 5, "modified": "2017-03-13T00:00:00", "published": "2017-03-13T00:00:00", "id": "USN-3227-1", "href": "https://ubuntu.com/security/notices/USN-3227-1", "title": "ICU vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:35:14", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2632", "CVE-2015-1270", "CVE-2015-4760"], "description": "Atte Kettunen discovered that ICU incorrectly handled certain converter \nnames. If an application using ICU processed crafted data, a remote \nattacker could possibly cause it to crash. (CVE-2015-1270)\n\nIt was discovered that ICU incorrectly handled certain memory operations \nwhen processing data. If an application using ICU processed crafted data, \na remote attacker could possibly cause it to crash or potentially execute \narbitrary code with the privileges of the user invoking the program. \n(CVE-2015-2632, CVE-2015-4760)", "edition": 5, "modified": "2015-09-16T00:00:00", "published": "2015-09-16T00:00:00", "id": "USN-2740-1", "href": "https://ubuntu.com/security/notices/USN-2740-1", "title": "ICU vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:39:04", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Multiple vulnerabilities were discovered in the OpenJDK JRE related \nto information disclosure, data integrity, and availability. An \nattacker could exploit these to cause a denial of service, expose \nsensitive data over the network, or possibly execute arbitrary code. \n(CVE-2016-0483, CVE-2016-0494)\n\nA vulnerability was discovered in the OpenJDK JRE related to data \nintegrity. An attacker could exploit this to expose sensitive data \nover the network or possibly execute arbitrary code. (CVE-2016-0402)\n\nA vulnerability was discovered in the OpenJDK JRE related to \ninformation disclosure. An attacker could exploit this to expose \nsensitive data over the network. (CVE-2016-0448)\n\nA vulnerability was discovered in the OpenJDK JRE related to \navailability. An attacker could exploit this to cause a denial of \nservice. (CVE-2016-0466)", "edition": 5, "modified": "2016-02-01T00:00:00", "published": "2016-02-01T00:00:00", "id": "USN-2885-1", "href": "https://ubuntu.com/security/notices/USN-2885-1", "title": "OpenJDK 6 vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:39:33", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Multiple vulnerabilities were discovered in the OpenJDK JRE related \nto information disclosure, data integrity, and availability. An \nattacker could exploit these to cause a denial of service, expose \nsensitive data over the network, or possibly execute arbitrary code. \n(CVE-2016-0483, CVE-2016-0494)\n\nA vulnerability was discovered in the OpenJDK JRE related to data \nintegrity. An attacker could exploit this to expose sensitive data \nover the network or possibly execute arbitrary code. (CVE-2016-0402)\n\nIt was discovered that OpenJDK 7 incorrectly allowed MD5 to be used \nfor TLS connections. If a remote attacker were able to perform a \nman-in-the-middle attack, this flaw could be exploited to expose \nsensitive information. (CVE-2015-7575)\n\nA vulnerability was discovered in the OpenJDK JRE related to \ninformation disclosure. An attacker could exploit this to expose \nsensitive data over the network. (CVE-2016-0448)\n\nA vulnerability was discovered in the OpenJDK JRE related to \navailability. An attacker could exploit this to cause a denial of \nservice. (CVE-2016-0466)", "edition": 5, "modified": "2016-02-01T00:00:00", "published": "2016-02-01T00:00:00", "id": "USN-2884-1", "href": "https://ubuntu.com/security/notices/USN-2884-1", "title": "OpenJDK 7 vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:46", "bulletinFamily": "software", "cvelist": ["CVE-2016-0494", "CVE-2014-9911", "CVE-2016-7415", "CVE-2016-6293", "CVE-2015-4844"], "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n\n# Description\n\nIt was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells are vulnerable, including: \n * 3151.x versions prior to 3151.14\n * 3233.x versions prior to 3233.16\n * 3263.x versions prior to 3263.22\n * 3312.x versions prior to 3312.22\n * 3363.x versions prior to 3363.14\n * All other stemcells not listed.\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.108.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends upgrading the following BOSH stemcells: \n * Upgrade 3151.x versions to 3151.14 or later\n * Upgrade 3233.x versions to 3233.16 or later\n * Upgrade 3263.x versions to 3263.22 or later\n * Upgrade 3312.x versions to 3312.22 or later\n * Upgrade 3363.x versions to 3363.14 or later\n * All other stemcells should be upgraded to the latest version.\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 versions 1.108.0 or later.\n\n# References\n\n * [USN-3227-1](<http://www.ubuntu.com/usn/usn-3227-1/>)\n * [CVE-2014-9911](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9911>)\n * [CVE-2015-4844](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-4844>)\n * [CVE-2016-0494](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0494>)\n * [CVE-2016-6293](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6293>)\n * [CVE-2016-7415](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-7415>)\n", "edition": 5, "modified": "2017-03-31T00:00:00", "published": "2017-03-31T00:00:00", "id": "CFOUNDRY:B642D1016F9847BDB1C562D31A013349", "href": "https://www.cloudfoundry.org/blog/usn-3227-1/", "title": "USN-3227-1: ICU vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:49", "bulletinFamily": "software", "cvelist": ["CVE-2015-2632", "CVE-2015-1270", "CVE-2015-4760"], "description": "USN-2740-1 ICU Vulnerabilities\n\n# \n\nMedium to Low\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * icu \u2013 International Components for Unicode library \n\n# Description\n\nAtte Kettunen discovered that ICU incorrectly handled certain converter names. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash. ([CVE-2015-1270](<http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1270.html>))\n\nIt was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. ([CVE-2015-2632](<http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-2632.html>), [CVE-2015-4760](<http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-4760.html>))\n\n# Affected Products and Versions\n\n_Severity is medium unless otherwise noted. \n_\n\n * BOSH: All versions of Cloud Foundry BOSH stemcells prior to v3094 are vulnerable to the aforementioned CVEs. \n * Cloud Foundry Runtime: all versions of cf-release prior to 219 are vulnerable to the aforementioned CVEs. \n * PHP Buildpack: all versions of the buildpack prior to 4.1.4 contain a vulnerable version of libicu52. \n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * The Cloud Foundry project recommends that Cloud Foundry Deployments using BOSH stemcell v3093 or earlier upgrade to v3094 or later, which contain the patched versions of the Linux kernel to resolve the aforementioned CVEs. \n * The Cloud Foundry project recommends that Cloud Foundry Deployments using cf-release 218 or lower upgrade to 219 or higher to resolve the aforementioned CVEs. \n\n# Credit\n\nAtte Kettunen\n\n# References\n\n * <http://www.ubuntu.com/usn/usn-2740-1/>\n * <https://bosh.io/stemcells>\n * <https://github.com/cloudfoundry/cf-release>\n", "edition": 5, "modified": "2015-10-07T00:00:00", "published": "2015-10-07T00:00:00", "id": "CFOUNDRY:07FC899E9F5F58E4BEDD842E4A4820A4", "href": "https://www.cloudfoundry.org/blog/usn-2740-1/", "title": "USN-2740-1 ICU Vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2020-12-09T20:07:42", "description": "Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-17T21:59:00", "title": "CVE-2016-7415", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7415"], "modified": "2019-04-23T19:29:00", "cpe": ["cpe:/a:icu-project:international_components_for_unicode:57.1"], "id": "CVE-2016-7415", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7415", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:icu-project:international_components_for_unicode:57.1:*:*:*:*:c\\/c\\+\\+:*:*"]}, {"lastseen": "2020-12-09T20:07:40", "description": "The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-25T14:59:00", "title": "CVE-2016-6293", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6293"], "modified": "2019-04-23T19:29:00", "cpe": ["cpe:/a:icu-project:international_components_for_unicode:57.1"], "id": "CVE-2016-6293", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6293", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:icu-project:international_components_for_unicode:57.1:*:*:*:*:c\\/c\\+\\+:*:*"]}, {"lastseen": "2020-12-09T19:58:30", "description": "Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-04T20:59:00", "title": "CVE-2014-9911", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9911"], "modified": "2019-04-23T19:29:00", "cpe": [], "id": "CVE-2014-9911", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9911", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2020-10-03T12:49:52", "description": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "edition": 4, "cvss3": {}, "published": "2015-10-21T23:59:00", "title": "CVE-2015-4844", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4844"], "modified": "2020-09-08T12:30:00", "cpe": ["cpe:/a:oracle:jre:1.6.0", "cpe:/a:oracle:jdk:1.6.0", "cpe:/a:oracle:jre:1.8.0", "cpe:/a:oracle:jdk:1.7.0", "cpe:/a:oracle:jre:1.7.0", "cpe:/a:oracle:jdk:1.8.0"], "id": "CVE-2015-4844", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4844", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.7.0:update_85:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.6.0:update_101:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:49:49", "description": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.\nPer Advisory: <a href=\"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html\">Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. </a>", "edition": 4, "cvss3": {}, "published": "2015-07-16T10:59:00", "title": "CVE-2015-2632", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2632"], "modified": "2020-09-08T12:30:00", "cpe": ["cpe:/a:oracle:jre:1.6.0", "cpe:/a:oracle:jdk:1.6.0", "cpe:/a:oracle:jre:1.8.0", "cpe:/a:oracle:jdk:1.7.0", "cpe:/a:oracle:jre:1.7.0", "cpe:/a:oracle:jdk:1.8.0"], "id": "CVE-2015-2632", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2632", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.7.0:update_80:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.6.0:update_95:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:10:38", "description": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.\nPer Oracle: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.", "edition": 4, "cvss3": {}, "published": "2016-01-21T03:00:00", "title": "CVE-2016-0494", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0494"], "modified": "2020-09-08T12:30:00", "cpe": ["cpe:/a:oracle:jre:1.6.0", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:oracle:jdk:1.6.0", "cpe:/a:oracle:jre:1.8.0", "cpe:/a:oracle:jdk:1.7.0", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/a:oracle:jre:1.7.0", "cpe:/a:oracle:jdk:1.8.0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2016-0494", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0494", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.7.0:update_91:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.6.0:update_105:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.6.0:update_105:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.8.0:update_66:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:a:oracle:jre:1.7.0:update_91:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}], "gentoo": [{"lastseen": "2017-01-24T10:59:34", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2632", "CVE-2016-7415", "CVE-2016-6293"], "edition": 1, "description": "### Background\n\nICU is a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. \n\n### Description\n\nMultiple vulnerabilities have been discovered in ICU. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nRemote attackers could cause a Denial of Service condition or possibly have other unspecified impacts via a long locale string or httpAcceptLanguage argument. Additionally, A remote attacker, via a specially crafted file, could cause an application using ICU to parse untrusted font files resulting in a Denial of Service condition. Finally, remote attackers could affect confidentiality via unknown vectors related to 2D. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll ICU users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/icu-58.1\"", "modified": "2017-01-24T00:00:00", "published": "2017-01-24T00:00:00", "href": "https://security.gentoo.org/glsa/201701-58", "id": "GLSA-201701-58", "type": "gentoo", "title": "ICU: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "f5": [{"lastseen": "2017-06-08T00:16:31", "bulletinFamily": "software", "cvelist": ["CVE-2016-0448", "CVE-2016-0494", "CVE-2016-0402"], "edition": 1, "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 \n| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2016-03-03T21:11:00", "published": "2016-03-03T21:11:00", "href": "https://support.f5.com/csp/article/K65342329", "id": "F5:K65342329", "title": "Java vulnerabilities CVE-2016-0494, CVE-2016-0448, and CVE-2016-0402", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-28T05:23:29", "bulletinFamily": "software", "cvelist": ["CVE-2016-0448", "CVE-2016-0494", "CVE-2016-0402"], "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "edition": 1, "modified": "2016-03-03T00:00:00", "published": "2016-03-03T00:00:00", "id": "SOL65342329", "href": "http://support.f5.com/kb/en-us/solutions/public/k/65/sol65342329.html", "type": "f5", "title": "SOL65342329 - Java vulnerabilities CVE-2016-0494, CVE-2016-0448, and CVE-2016-0402", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-09-09T08:42:08", "bulletinFamily": "software", "cvelist": ["CVE-2015-2601", "CVE-2015-4749", "CVE-2015-2632", "CVE-2015-2621", "CVE-2015-4748"], "description": "\nF5 Product Development has assigned ID 677960 and ID 677979 (BIG-IQ and iWorkflow) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H84947349 on the **Diagnostics** > **Identified** > **Medium** page.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP AAM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 | Not vulnerable | None \nBIG-IP AFM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 | Not vulnerable | None \nBIG-IP Analytics | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP APM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP ASM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP DNS | None | 13.0.0 \n12.0.0 - 12.1.2 | Not vulnerable | None \nBIG-IP Edge Gateway | None | 11.2.1 | Not vulnerable | None \nBIG-IP GTM | None | 11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP Link Controller | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP PEM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 | Not vulnerable | None \nBIG-IP PSM | None | 11.4.1 | Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.2.1 | Not vulnerable | None \nBIG-IP WebSafe | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 | Not vulnerable | None \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.1.1 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nBIG-IQ Centralized Management | 5.0.0 - 5.1.0 \n4.6.0 | 5.2.0 - 5.3.0 | Medium | Java \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable | None \nF5 iWorkflow | 2.0.0 - 2.3.0 | None | Medium | Java \nLineRate | None | 2.5.0 - 2.6.2 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K15106: Managing BIG-IQ product hotfixes](<https://support.f5.com/csp/article/K15106>)\n * [K15113: BIG-IQ hotfix matrix](<https://support.f5.com/csp/article/K15113>)\n", "edition": 1, "modified": "2018-03-08T02:28:00", "published": "2017-09-16T01:27:00", "id": "F5:K84947349", "href": "https://support.f5.com/csp/article/K84947349", "title": "OpenJDK vulnerabilities CVE-2015-2601, CVE-2015-2621, CVE-2015-2632, CVE-2015-4748, and CVE-2015-4749", "type": "f5", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7415"], "description": "Tools and utilities for developing with icu. ", "modified": "2016-11-23T18:56:25", "published": "2016-11-23T18:56:25", "id": "FEDORA:115AC6042D4F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: icu-57.1-4.fc25", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7415"], "description": "Tools and utilities for developing with icu. ", "modified": "2016-11-24T20:35:53", "published": "2016-11-24T20:35:53", "id": "FEDORA:7D428605FC47", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: icu-56.1-7.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-6293"], "description": "Tools and utilities for developing with icu. ", "modified": "2016-11-19T21:45:36", "published": "2016-11-19T21:45:36", "id": "FEDORA:38DA86002CFB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: icu-57.1-2.fc25", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-6293"], "description": "Tools and utilities for developing with icu. ", "modified": "2016-11-07T23:33:34", "published": "2016-11-07T23:33:34", "id": "FEDORA:3213A60427AB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: icu-56.1-5.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-2632", "CVE-2015-1270", "CVE-2015-4760"], "description": "Memory corruption on symbols parsing.", "edition": 1, "modified": "2015-10-05T00:00:00", "published": "2015-10-05T00:00:00", "id": "SECURITYVULNS:VULN:14704", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14704", "title": "libicu memory corruption", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:47:02", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0402", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0483", "CVE-2016-0494"], "description": "The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n", "modified": "2018-06-06T20:24:33", "published": "2016-01-26T05:00:00", "id": "RHSA-2016:0067", "href": "https://access.redhat.com/errata/RHSA-2016:0067", "type": "redhat", "title": "(RHSA-2016:0067) Important: java-1.6.0-openjdk security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:05", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "[1.6.0.38-1.13.10.0.0.1]\n- Add oracle-enterprise.patch\n[1:1.6.0.38-1.13.10.0]\n- Add patch to replace -fno-strict-overflow with -fwrapv on older RHEL 5.11 GCC.\n- Resolves: rhbz#1295772\n[1:1.6.0.38-1.13.10.0]\n- Update to IcedTea 1.13.10 & OpenJDK 6 b38.\n- Resolves: rhbz#1295772", "edition": 4, "modified": "2016-01-26T00:00:00", "published": "2016-01-26T00:00:00", "id": "ELSA-2016-0067", "href": "http://linux.oracle.com/errata/ELSA-2016-0067.html", "title": "java-1.6.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:26:25", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "**CentOS Errata and Security Advisory** CESA-2016:0067\n\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033664.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033665.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033666.html\n\n**Affected packages:**\njava-1.6.0-openjdk\njava-1.6.0-openjdk-demo\njava-1.6.0-openjdk-devel\njava-1.6.0-openjdk-javadoc\njava-1.6.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0067.html", "edition": 3, "modified": "2016-01-26T14:24:06", "published": "2016-01-26T13:28:19", "href": "http://lists.centos.org/pipermail/centos-announce/2016-January/033664.html", "id": "CESA-2016:0067", "title": "java security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:37:03", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "**Issue Overview:**\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. ([CVE-2016-0483 __](<https://access.redhat.com/security/cve/CVE-2016-0483>))\n\nAn integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. ([CVE-2016-0494 __](<https://access.redhat.com/security/cve/CVE-2016-0494>))\n\nIt was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory. ([CVE-2016-0466 __](<https://access.redhat.com/security/cve/CVE-2016-0466>))\n\nMultiple flaws were discovered in the Networking and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. ([CVE-2016-0402 __](<https://access.redhat.com/security/cve/CVE-2016-0402>), [CVE-2016-0448 __](<https://access.redhat.com/security/cve/CVE-2016-0448>))\n\n \n**Affected Packages:** \n\n\njava-1.6.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.6.0-openjdk_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.73.amzn1.i686 \n java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.73.amzn1.i686 \n java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.73.amzn1.i686 \n java-1.6.0-openjdk-1.6.0.38-1.13.10.0.73.amzn1.i686 \n java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.73.amzn1.i686 \n java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.73.amzn1.i686 \n \n src: \n java-1.6.0-openjdk-1.6.0.38-1.13.10.0.73.amzn1.src \n \n x86_64: \n java-1.6.0-openjdk-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2016-02-19T15:48:00", "published": "2016-02-19T15:48:00", "id": "ALAS-2016-654", "href": "https://alas.aws.amazon.com/ALAS-2016-654.html", "title": "Important: java-1.6.0-openjdk", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2018-05-25T14:21:14", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7867", "CVE-2017-17484", "CVE-2017-15422", "CVE-2014-8147", "CVE-2014-8146", "CVE-2016-6293", "CVE-2017-7868", "CVE-2017-14952"], "description": "icu was updated to fix two security issues.\n\n These security issues were fixed:\n - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in\n the Unicode Bidirectional Algorithm implementation in ICU4C in\n International Components for Unicode (ICU) used an integer data type\n that is inconsistent with a header file, which allowed remote attackers\n to cause a denial of service (incorrect malloc followed by invalid free)\n or possibly execute arbitrary code via crafted text (bsc#929629).\n - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in\n the Unicode Bidirectional Algorithm implementation in ICU4C in\n International Components for Unicode (ICU) did not properly track\n directionally isolated pieces of text, which allowed remote attackers to\n cause a denial of service (heap-based buffer overflow) or possibly\n execute arbitrary code via crafted text (bsc#929629).\n - CVE-2016-6293: The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode (ICU) for C/C++\n did not ensure that there is a '\\0' character at the end of a certain\n temporary array, which allowed remote attackers to cause a denial of\n service (out-of-bounds read) or possibly have unspecified other impact\n via a call with a long httpAcceptLanguage argument (bsc#990636).\n - CVE-2017-7868: International Components for Unicode (ICU) for C/C++\n 2017-02-13 has an out-of-bounds write caused by a heap-based buffer\n overflow related to the utf8TextAccess function in common/utext.cpp and\n the utext_moveIndex32* function (bsc#1034674)\n - CVE-2017-7867: International Components for Unicode (ICU) for C/C++\n 2017-02-13 has an out-of-bounds write caused by a heap-based buffer\n overflow related to the utf8TextAccess function in common/utext.cpp and\n the utext_setNativeIndex* function (bsc#1034678)\n - CVE-2017-14952: Double free in i18n/zonemeta.cpp in International\n Components for Unicode (ICU) for C/C++ allowed remote attackers to\n execute arbitrary code via a crafted string, aka a &quot;redundant UVector\n entry clean up function call&quot; issue (bnc#1067203)\n - CVE-2017-17484: The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in\n International Components for Unicode (ICU) for C/C++ mishandled\n ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allowed remote\n attackers to cause a denial of service (stack-based buffer overflow and\n application crash) or possibly have unspecified other impact via a\n crafted string, as demonstrated by ZNC (bnc#1072193)\n - CVE-2017-15422: An integer overflow in icu during persian calendar date\n processing could lead to incorrect years shown (bnc#1077999)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "edition": 1, "modified": "2018-05-25T11:33:28", "published": "2018-05-25T11:33:28", "id": "OPENSUSE-SU-2018:1422-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00103.html", "title": "Security update for icu (moderate)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}