EUVD-2014-7790

Malware in sbrugna...

EUVD-2015-8493

Malware in sbrugna...

Stack Overflow

ChakraCore is vulnerable to stack buffer overflow. The vulnerability is due to the Collator object, which can result in a stack overflow during string comparisons resulting in an application crash...

K71059632: PHP vulnerability CVE-2015-8616

Security Advisory Description Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collatorsort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging the...

SUSE CVE-2014-7940

The collator implementation in i18n/ucol.cpp in International Components for Unicode ICU 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have...

SUSE CVE-2015-8616

Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collatorsort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging the relationships between a key buffer...

EulerOS 2.0 SP5 : icu (EulerOS-SA-2019-2159)

According to the versions of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Regular Expressions package in International Components for Unicode ICU 52 before SVN revision 292944, as used in Google Chrome before...

icu/collator_rulebased_fuzzer: Use-of-uninitialized-value in isMatchAtCPBoundary

Project: https://github.com/unicode-org/icu.git Detailed report: https://oss-fuzz.com/testcase?key=5644492876546048 Project: icu Fuzzer: libFuzzericucollatorrulebasedfuzzer Fuzz target binary: collatorrulebasedfuzzer Job Type: libfuzzermsanicu Platform Id: linux Crash Type:...

Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144) Exploit

Exploit for windows platform in category dos / poc 1; , set: function ; function f var i = Intl; Intl = ; // this somehow prevents an exception that prevents laoding di, "Collator", noobj;...

Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144)

1; , set: function ; function f var i = Intl; Intl = ; // this somehow prevents an exception that prevents laoding di, "Collator", noobj; Object.defineProperty = f; var q = new Intl.NumberFormat...

PHP Memory Misreference Vulnerability

PHP is a widely used general purpose scripting language. A memory misreference vulnerability exists in the function Collator::sortWithSortKeys in ext/intl/collator/collatorsort.c in version 7.x of PHP prior to 7.0.1, which can be exploited by a remote attacker to cause a denial of service...

CVE-2015-8616

Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collatorsort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging the relationships between a key buffer...

Design/Logic Flaw

Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collatorsort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging the relationships between a key buffer...

CVE-2015-8616

Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collatorsort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging the relationships between a key buffer...

CVE-2015-8616

Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collatorsort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging the relationships between a key buffer...

CVE-2015-8616

CVE-2015-8616 is a use-after-free vulnerability in PHP 7.x before 7.0.1 affecting the Collator::sortWithSortKeys implementation (ext/intl/collator/collator_sort.c). The underlying issue is a use-after-free triggered by the relationship between a key buffer and a destroyed array, allowing a remote...

KLA10746 Multiple vulnerabilities in PHP

Multiple serious vulnerabilities have been found in PHP. Malicious users can exploit these vulnerabilities to cause denial of service, affect arbitrary files, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple integer overflows can be...

Internet Bug Bounty: Use After Free in sortWithSortKeys()

Copy Paste of bug report at https://bugs.php.net/bug.php?id=71020 Issue verified and fixed. Description: ------------ This is a vulnerability is in the function Collator::sortWithSortKeys. The vulnerable code is in ext/intl/collator/collatorsort.c 1 Given an array, each element hashData is being...

PHP Intl extension suffers from a denial of service vulnerability

The Intl Internationalization Extension is a new extension for PHP 5.3, a wrapper for the ICU library, which provides assistance in internationalizing applications. A memory misreference denial of service vulnerability exists in the 'intl/collator/collatorsort.c' file in PHP Intl. An attacker can...

USN-2522-3: ICU vulnerabilities

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have now been updated to fix the regression. We apologize for the inconvenience. Original advisory details: It was discovered that ICU incorrectly handled...