23 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-2059
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The stringpreputf8toucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other...
RHEL 5 : libidn (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libidn2: Integer overflow in punydecode.c/decodedigit CVE-2017-14062 - The stringpreputf8toucs4 function ...
Advisory ROSA-SA-2021-1873
Software: libidn 1.28 OS: Cobalt 7.9 CVE-ID: CVE-2015-2059 CVE-Crit: MEDIUM CVE-DESC: The stringpreputf8toucs4 function in libin prior to 1.31, used in jabberd2, allows context-sensitive attackers to read system memory and possibly exert other undefined influence via invalid UTF-8 characters in a...
SUSE: Security Advisory (SUSE-SU-2016:2079-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libidn (EulerOS-SA-2019-1454)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3068-1 Libidn vulnerabilities | Cloud Foundry
USN-3068-1 Libidn vulnerabilities Medium Vendor Canonical Ubuntu, libidn Versions Affected Canonical Ubuntu 14.04 LTS Description Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Libidn incorrectly handled invalid UTF-8 characters. A remote attacker cou...
SUSE SLES11 Security Update : libidn (SUSE-SU-2016:2291-1)
This update for libidn fixes the following issues : - CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input bsc990189 - CVE-2016-6261: Out-of-bounds stack read in idnatoascii4i bsc990190 - CVE-2016-6263: stringpreputf8nfkcnormalize reject invalid UTF-8 bsc990191 ...
openSUSE Security Update : wget (openSUSE-2016-1067)
This update for wget fixes the following issues : - Fix for HTTP to a FTP redirection file name confusion vulnerability bsc984060, CVE-2016-4971. - Work around a libidn vulnerability bsc937096, CVE-2015-2059. - Fix for wget fails with basicauth: Failed writing HTTP request: Bad file descriptor...
SUSE SLED12 / SLES12 Security Update : wget (SUSE-SU-2016:2226-1)
This update for wget fixes the following issues : - Fix for HTTP to a FTP redirection file name confusion vulnerability bsc984060, CVE-2016-4971. - Work around a libidn vulnerability bsc937096, CVE-2015-2059. - Fix for wget fails with basicauth: Failed writing HTTP request: Bad file descriptor...
SUSE SLED12 / SLES12 Security Update : libidn (SUSE-SU-2016:2079-1)
This update for libidn fixes the following issues : - CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input bsc990189 - CVE-2016-6261: Out-of-bounds stack read in idnatoascii4i bsc990190 - CVE-2016-6263: stringpreputf8nfkcnormalize reject invalid UTF-8 bsc990191 ...
Ubuntu 14.04 LTS / 16.04 LTS : Libidn vulnerabilities (USN-3068-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3068-1 advisory. Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Libidn incorrectly handled invalid UTF-8...
SUSE-SU-2016:2079-1 Security update for libidn
This update for libidn fixes the following issues: - CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input bsc990189 - CVE-2016-6261: Out-of-bounds stack read in idnatoascii4i bsc990190 - CVE-2016-6263: stringpreputf8nfkcnormalize reject invalid UTF-8 bsc990191 -...
Debian DSA-3578-1 : libidn - security update
It was discovered that libidn, the GNU library for Internationalized Domain Names IDNs, did not correctly handle invalid UTF-8 input, causing an out-of-bounds read. This could allow attackers to disclose sensitive information from an application using the libidn library. %NASLMINLEVEL 70300 C...
Mageia: Security Advisory (MGASA-2015-0349)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libidn packages fix CVE-2015-2059
Updated libidn packages fix security vulnerability: In libidn before 1.31, stringpreputf8toucs4 did not validate that the input UTF-8 string was actually valid UTF-8, which could lead to out-of-bounds reads CVE-2015-2059...
MGASA-2015-0349 Updated libidn packages fix CVE-2015-2059
Updated libidn packages fix security vulnerability: In libidn before 1.31, stringpreputf8toucs4 did not validate that the input UTF-8 string was actually valid UTF-8, which could lead to out-of-bounds reads CVE-2015-2059...
[SECURITY] [DLA 291-1] libidn security update
Package : libidn Version : 1.15-2+deb6u2 Adam Sampson found a vulnerability in GNU Libidn, library that implements the IETF IDN specifications. Libdin incorrectly handled invalid UTF-8 input, causing it to bad free. This issue was introduced by the fix for CVE-2015-2059. For Debian 6 “Squeeze”,...
CVE-2015-2059
The stringpreputf8toucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read...
CVE-2015-2059
The stringpreputf8toucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read...
CVE-2015-2059
CVE-2015-2059 affects libin (libidn) prior to 1.31 as used by jabberd2. The issue is an out-of-bounds read triggered by invalid UTF-8 characters in a string, potentially enabling memory disclosure. The provided documents do not specify a vendor patch, version, or concrete remediation for this CVE...