Lucene search
UbuntuUSN-1348-1HistoryJan 26, 2012 - 12:00 a.m.
ICU vulnerability
2012-01-2600:00:00
ubuntu.com
32
9.8 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.219 Low
EPSS
Percentile
96.4%
Releases
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04
Packages
- icu - International Components for Unicode library
Details
It was discovered that ICU did not properly handle invalid locale data
during Unicode conversion. If an application using ICU processed crafted
data, an attacker could cause it to crash or potentially execute arbitrary
code with the privileges of the user invoking the program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 11.10 | noarch | libicu44 | < 4.4.2-2ubuntu0.11.10.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | lib32icu-dev | < 4.4.2-2ubuntu0.11.10.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | lib32icu44 | < 4.4.2-2ubuntu0.11.10.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | libicu-dev | < 4.4.2-2ubuntu0.11.10.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | libicu44-dbg | < 4.4.2-2ubuntu0.11.10.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libicu44 | < 4.4.2-2ubuntu0.11.04.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | lib32icu-dev | < 4.4.2-2ubuntu0.11.04.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | lib32icu44 | < 4.4.2-2ubuntu0.11.04.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libicu-dev | < 4.4.2-2ubuntu0.11.04.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libicu44-dbg | < 4.4.2-2ubuntu0.11.04.1 | UNKNOWN |
References
Related
nessus
nessus
RHEL 5 / 6 : icu (RHSA-2011:1815)
2011-12-14 00:00:00
Debian DSA-2397-1 : icu - buffer underflow
2012-01-31 00:00:00
Fedora 16 : icu-4.6-3.fc16 (2011-17101)
2011-12-23 00:00:00
openvas
openvas
CentOS Update for icu CESA-2011:1815 centos5 i386
2011-12-16 00:00:00
Fedora Update for icu FEDORA-2011-17101
2012-04-02 00:00:00
Debian: Security Advisory (DSA-2397-1)
2012-02-12 00:00:00
redhat
redhat
(RHSA-2011:1815) Moderate: icu security update
2011-12-13 00:00:00
ibm
ibm
Security Bulletin: ICU4C overflow vulnerability affects IBM WebSphere MQ (CVE-2011-4599)
2018-06-15 07:04:52
Security Bulletin: A security vulnerability has been identified in WebSphere MQ shipped with WebSphere Remote Server (CVE-2011-4599)
2018-06-15 07:05:19
Security Bulletin: Multiple vulnerabilities affect IBM Planning Analytics
2019-07-25 18:55:02
securityvulns
securityvulns
[ MDVSA-2011:194 ] icu
2012-01-02 00:00:00
ICU library memory corruption
2012-01-02 00:00:00
Apple Mac OS X multiple security vulnerabilities
2012-10-01 00:00:00
ubuntucve
ubuntucve
CVE-2011-4599
2011-12-15 00:00:00
cve
cve
CVE-2011-4599
2012-06-21 15:55:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:08:51
fedora
fedora
[SECURITY] Fedora 15 Update: icu-4.4.2-9.fc15
2011-12-23 03:30:14
[SECURITY] Fedora 16 Update: icu-4.6-3.fc16
2011-12-23 03:30:36
centos
centos
icu, libicu security update
2011-12-14 00:14:20
amazon
amazon
Medium: icu
2012-01-09 09:18:00
oraclelinux
oraclelinux
icu security update
2011-12-13 00:00:00
debian
debian
[SECURITY] [DSA 2397-1] icu security update
2012-01-29 12:38:33
prion
prion
Stack overflow
2012-06-21 15:55:00
debiancve
debiancve
CVE-2011-4599
2012-06-21 15:55:00
9.8 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.219 Low
EPSS
Percentile
96.4%
Related for USN-1348-1