Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-2740-1
HistorySep 16, 2015 - 12:00 a.m.

ICU vulnerabilities

2015-09-1600:00:00
ubuntu.com
32

6.5 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.038 Low

EPSS

Percentile

91.8%

JSON

Releases

  • Ubuntu 15.04
  • Ubuntu 14.04 ESM
  • Ubuntu 12.04

Packages

  • icu - International Components for Unicode library

Details

Atte Kettunen discovered that ICU incorrectly handled certain converter
names. If an application using ICU processed crafted data, a remote
attacker could possibly cause it to crash. (CVE-2015-1270)

It was discovered that ICU incorrectly handled certain memory operations
when processing data. If an application using ICU processed crafted data,
a remote attacker could possibly cause it to crash or potentially execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2015-2632, CVE-2015-4760)

OSVersionArchitecturePackageVersionFilename
Ubuntu15.04noarchlibicu52< 52.1-8ubuntu0.2UNKNOWN
Ubuntu15.04noarchicu-devtools< 52.1-8ubuntu0.2UNKNOWN
Ubuntu15.04noarchicu-devtools-dbgsym< 52.1-8ubuntu0.2UNKNOWN
Ubuntu15.04noarchicu-doc< 52.1-8ubuntu0.2UNKNOWN
Ubuntu15.04noarchlibicu-dev< 52.1-8ubuntu0.2UNKNOWN
Ubuntu15.04noarchlibicu-dev-dbgsym< 52.1-8ubuntu0.2UNKNOWN
Ubuntu15.04noarchlibicu52-dbg< 52.1-8ubuntu0.2UNKNOWN
Ubuntu15.04noarchlibicu52-dbgsym< 52.1-8ubuntu0.2UNKNOWN
Ubuntu14.04noarchlibicu52< 52.1-3ubuntu0.4UNKNOWN
Ubuntu14.04noarchicu-devtools< 52.1-3ubuntu0.4UNKNOWN
Rows per page:
1-10 of 231

Related

securityvulns 2
nessus 49
cloudfoundry 1
openvas 49
prion 3
cve 3
debian 10
f5 3
ubuntucve 3
osv 7
mageia 5
debiancve 3
gentoo 1
ibm 12
redhat 12
centos 4
amazon 3
oraclelinux 4
archlinux 1
ubuntu 2
veracode 16
suse 5
aix 1
securityvulns
securityvulns
libicu memory corruption
2015-10-05 00:00:00
[SECURITY] [DSA 3360-1] icu security update
2015-10-05 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : ICU vulnerabilities (USN-2740-1)
2015-09-17 00:00:00
Debian DLA-283-1 : icu security update
2015-07-29 00:00:00
F5 Networks BIG-IP : OpenJDK vulnerability (SOL17173)
2016-08-24 00:00:00
cloudfoundry
cloudfoundry
USN-2740-1 ICU Vulnerabilities | Cloud Foundry
2015-10-07 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2740-1)
2015-09-17 00:00:00
Mageia: Security Advisory (MGASA-2015-0297)
2015-10-15 00:00:00
Debian: Security Advisory (DLA-283-1)
2023-03-08 00:00:00
prion
prion
Buffer overflow
2015-07-16 11:00:00
Code injection
2015-07-23 00:59:00
Buffer overflow
2015-07-16 10:59:00
cve
cve
CVE-2015-4760
2015-07-16 11:00:00
CVE-2015-1270
2015-07-23 00:59:00
CVE-2015-2632
2015-07-16 10:59:00
debian
debian
[SECURITY] [DLA 283-1] icu security update
2015-07-28 13:23:29
[SECURITY] [DLA 381-1] icu security update
2016-01-11 08:42:30
[SECURITY] [DSA 3360-1] icu security update
2015-09-15 16:09:40
f5
f5
SOL17173 - OpenJDK vulnerability CVE-2015-4760
2015-08-28 00:00:00
K17173 : OpenJDK vulnerability CVE-2015-4760
2015-08-28 00:00:00
K84947349 : OpenJDK vulnerabilities CVE-2015-2601, CVE-2015-2621, CVE-2015-2632, CVE-2015-4748, and CVE-2015-4749
2017-09-15 00:00:00
ubuntucve
ubuntucve
CVE-2015-4760
2015-07-16 00:00:00
CVE-2015-1270
2015-07-22 00:00:00
CVE-2015-2632
2015-07-16 00:00:00
osv
osv
icu - security update
2015-07-28 00:00:00
icu - security update
2016-01-11 00:00:00
icu - security update
2016-07-07 00:00:00
mageia
mageia
Updated icu package fixes security vulnerability
2015-08-01 01:46:26
Updated icu package fixes security vulnerability
2015-07-27 20:34:09
Updated icu package fixes security vulnerabilities
2015-07-27 20:34:09
debiancve
debiancve
CVE-2015-4760
2015-07-16 11:00:00
CVE-2015-1270
2015-07-23 00:59:00
CVE-2015-2632
2015-07-16 10:59:00
gentoo
gentoo
ICU: Multiple vulnerabilities
2017-01-24 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM GPFS Native RAID (CVE-2015-2638, CVE-2015-4760, CVE-2015-2619, CVE-2015-2613)
2021-03-08 18:46:02
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect the Enterprise Common Collector component of the IBM Tivoli zEnterprise Monitoring Agent (CVE-2015-4760, CVE-2015-2613, CVE-2015-2601, CVE-2015-2625, CVE-2015-1931 )
2018-06-17 15:07:56
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Algorithmics One Core, Algo Risk Application, and Counterparty Credit Risk
2018-06-15 22:39:24
redhat
redhat
(RHSA-2015:1230) Important: java-1.7.0-openjdk security update
2015-07-15 00:00:00
(RHSA-2015:1526) Important: java-1.6.0-openjdk security update
2015-07-30 00:00:00
(RHSA-2015:1229) Critical: java-1.7.0-openjdk security update
2015-07-15 00:00:00
centos
centos
java security update
2015-07-15 15:39:22
java security update
2015-07-30 23:24:14
java security update
2015-07-15 15:08:01
amazon
amazon
Critical: java-1.7.0-openjdk
2015-07-22 10:00:00
Important: java-1.6.0-openjdk
2015-08-24 22:26:00
Important: java-1.8.0-openjdk
2015-07-22 10:00:00
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2015-07-15 00:00:00
java-1.6.0-openjdk security update
2015-07-31 00:00:00
java-1.7.0-openjdk security update
2015-07-16 00:00:00
archlinux
archlinux
jre7-openjdk: multiple issues
2015-07-22 00:00:00
ubuntu
ubuntu
OpenJDK 7 vulnerabilities
2015-07-30 00:00:00
OpenJDK 6 vulnerabilities
2015-08-06 00:00:00
veracode
veracode
Sandbox Restrictions Bypass
2019-05-02 05:40:37
Sandbox Restrictions Bypass
2019-05-02 05:41:17
Sandbox Restrictions Bypass
2019-05-02 05:41:17
suse
suse
Security update for java-1_6_0-ibm (important)
2015-09-08 13:10:01
Security update for java-1_6_0-ibm (important)
2015-08-05 11:08:49
Security update for java-1_7_0-ibm (important)
2015-08-12 18:09:25
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2015-07-31 13:04:25

6.5 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.038 Low

EPSS

Percentile

91.8%

JSON
Related for USN-2740-1
securityvulns2nessus49cloudfoundry1openvas49prion3cve3debian10f53ubuntucve3osv7mageia5debiancve3gentoo1ibm12redhat12centos4amazon3oraclelinux4archlinux1ubuntu2veracode16suse5aix1