Lucene search
UbuntuUSN-2605-1HistoryMay 11, 2015 - 12:00 a.m.
ICU vulnerabilities
2015-05-1100:00:00
ubuntu.com
37
9.8 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.026 Low
EPSS
Percentile
90.2%
Releases
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 ESM
Packages
- icu - International Components for Unicode library
Details
Pedro Ribeiro discovered that ICU incorrectly handled certain memory
operations when processing data. If an application using ICU processed
crafted data, an attacker could cause it to crash or potentially execute
arbitrary code with the privileges of the user invoking the program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 15.04 | noarch | libicu52 | < 52.1-8ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | icu-devtools | < 52.1-8ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | icu-devtools-dbgsym | < 52.1-8ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | icu-doc | < 52.1-8ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libicu-dev | < 52.1-8ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libicu-dev-dbgsym | < 52.1-8ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libicu52-dbg | < 52.1-8ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libicu52-dbgsym | < 52.1-8ubuntu0.1 | UNKNOWN |
| Ubuntu | 14.10 | noarch | libicu52 | < 52.1-6ubuntu0.3 | UNKNOWN |
| Ubuntu | 14.10 | noarch | icu-devtools | < 52.1-6ubuntu0.3 | UNKNOWN |
Related
openvas
openvas
Ubuntu Update for icu USN-2605-1
2015-05-12 00:00:00
Gentoo Security Advisory GLSA 201507-04
2015-09-29 00:00:00
Debian Security Advisory DSA 3323-1 (icu - security update)
2015-08-01 00:00:00
nessus
nessus
openSUSE Security Update : icu (openSUSE-2017-1011)
2017-09-06 00:00:00
SUSE SLED12 / SLES12 Security Update : icu (SUSE-SU-2017:2318-1)
2017-09-01 00:00:00
cert
cert
ICU Project ICU4C library contains multiple overflow vulnerabilities
2015-05-04 00:00:00
securityvulns
securityvulns
[CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL
2015-05-11 00:00:00
libicu security vulnerabilities
2015-05-11 00:00:00
APPLE-SA-2015-09-21-1 watchOS 2
2015-10-05 00:00:00
f5
f5
K16835 : ICU overflow vulnerabilities CVE-2014-8146 and CVE-2014-8147
2015-07-02 00:00:00
SOL16835 - ICU overflow vulnerabilities CVE-2014-8146 and CVE-2014-8147
2015-07-02 00:00:00
exploitpack
exploitpack
ICU library 52 54 - Multiple Vulnerabilities
2015-06-10 00:00:00
gentoo
gentoo
International Components for Unicode: Multiple vulnerabilities
2015-07-07 00:00:00
mageia
mageia
Updated icu package fixes security vulnerabilities
2015-07-27 20:34:09
exploitdb
exploitdb
ICU library 52 < 54 - Multiple Vulnerabilities
2015-06-10 00:00:00
ibm
ibm
debian
debian
[SECURITY] [DSA 3323-1] icu security update
2015-08-01 16:07:55
osv
osv
icu - security update
2015-08-01 00:00:00
ubuntucve
ubuntucve
CVE-2014-8146
2014-12-31 00:00:00
CVE-2014-8147
2014-12-31 00:00:00
prion
prion
Design/Logic Flaw
2015-05-25 22:59:00
Heap overflow
2015-05-25 22:59:00
debiancve
debiancve
CVE-2014-8146
2015-05-25 22:59:00
CVE-2014-8147
2015-05-25 22:59:00
cve
cve
threatpost
threatpost
ICU Project ICU4C Library Vulnerabilities Patched
2015-05-05 11:21:07
suse
suse
Security update for icu (moderate)
2018-05-25 11:33:28
kaspersky
kaspersky
KLA10669 Multiple vulnerabilities in Apple iTunes
2015-09-16 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2015
2015-10-20 00:00:00
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00
9.8 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.026 Low
EPSS
Percentile
90.2%
Related for USN-2605-1