444 matches found
CVE-2024-2961
The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...
DEBIAN-CVE-2024-2961
The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...
CVE-2024-2961
The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...
CVE-2024-2961
The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...
CVE-2024-2961
The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...
GNU C Library 安全漏洞
GNU C Library is an open source, free C compiler released under the LGPL license. GNU C Library suffers from a buffer overflow vulnerability that originates from a boundary error in the iconv function when handling untrusted input. An attacker could exploit the vulnerability to cause the...
CVE-2024-2961
The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...
UBUNTU-CVE-2024-2961
The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...
ROS-20231020-10
Vulnerability in the GNU C Library glibc iconv utility due to insufficient validation of input data. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by invoking the iconv utility with the "-c" option. by invoking the iconv utility with the "-c" option...
ROS-20230420-02
A vulnerability in the iconv function of the glibc library is related to a flaw in the use of the assert function. The vulnerability allows an attacker acting remotely to cause a denial of service...
K08641512: glibc vulnerability CVE-2020-27618
Security Advisory Description The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in...
K83181523: PHP vulnerability CVE-2018-10546
Security Advisory Description An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. CVE-2018-10546 Impact There is no...
SUSE CVE-2007-4783
The iconvsubstr function in PHP 5.2.4 and earlier allows context-dependent attackers to cause 1 a denial of service application crash via a long string in the charset parameter, probably also requiring a long string in the str parameter; or 2 a denial of service temporary application hang via a...
SUSE CVE-2007-4840
PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service application crash via 1 a long string in the outcharset parameter to the iconv function; or a long string in the charset parameter to the 2 iconvmimedecodeheaders, 3 iconvmimedecode, or 4 iconvstrlen function...
SUSE CVE-2010-2097
The 1 iconvmimedecode, 2 iconvsubstr, and 3 iconvmimeencode functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function, related to the call time pass by...
SUSE CVE-2010-4699
The iconvmimedecodeheaders function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring aka Multibyte String implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam...
SUSE CVE-2012-6656
iconvdata/ibm930.c in GNU C Library aka glibc before 2.16 allows context-dependent attackers to cause a denial of service out-of-bounds read via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8...
SUSE CVE-2014-6040
GNU C Library aka glibc before 2.20 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via a multibyte character value of "0xffff" to the iconv function when converting 1 IBM933, 2 IBM935, 3 IBM937, 4 IBM939, or 5 IBM1364 encoded data to UTF-8...
SUSE CVE-2016-10228
The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNORE along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service...
SUSE CVE-2018-10546
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences...