Lucene search
Ubuntu.comUB:CVE-2011-4599HistoryDec 15, 2011 - 12:00 a.m.
CVE-2011-4599
2011-12-1500:00:00
ubuntu.com
ubuntu.com
9
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.219 Low
EPSS
Percentile
96.4%
Stack-based buffer overflow in the _canonicalize function in common/uloc.c
in International Components for Unicode (ICU) before 49.1 allows remote
attackers to execute arbitrary code via a crafted locale ID that is not
properly handled during variant canonicalization.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=765812>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654883>
Notes
| Author | Note |
|---|---|
| jdstrand | based on the patch, looks like a heap buffer overflow |
Related
nessus
nessus
Fedora 16 : icu-4.6-3.fc16 (2011-17101)
2011-12-23 00:00:00
CentOS 5 / 6 : icu (CESA-2011:1815)
2011-12-14 00:00:00
RHEL 5 / 6 : icu (RHSA-2011:1815)
2011-12-14 00:00:00
ibm
ibm
Security Bulletin: A security vulnerability has been identified in WebSphere MQ shipped with WebSphere Remote Server (CVE-2011-4599)
2018-06-15 07:05:19
Security Bulletin: ICU4C overflow vulnerability affects IBM WebSphere MQ (CVE-2011-4599)
2018-06-15 07:04:52
Security Bulletin: Multiple vulnerabilities affect IBM Planning Analytics
2019-07-25 18:55:02
cve
cve
CVE-2011-4599
2012-06-21 15:55:00
openvas
openvas
CentOS Update for icu CESA-2011:1815 centos5 x86_64
2012-07-30 00:00:00
CentOS Update for icu CESA-2011:1815 centos6
2012-07-30 00:00:00
Ubuntu: Security Advisory (USN-1348-1)
2012-02-01 00:00:00
redhat
redhat
(RHSA-2011:1815) Moderate: icu security update
2011-12-13 00:00:00
securityvulns
securityvulns
[ MDVSA-2011:194 ] icu
2012-01-02 00:00:00
ICU library memory corruption
2012-01-02 00:00:00
Apple Mac OS X multiple security vulnerabilities
2012-10-01 00:00:00
oraclelinux
oraclelinux
icu security update
2011-12-13 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: icu-4.6-3.fc16
2011-12-23 03:30:36
[SECURITY] Fedora 15 Update: icu-4.4.2-9.fc15
2011-12-23 03:30:14
debian
debian
[SECURITY] [DSA 2397-1] icu security update
2012-01-29 12:38:33
ubuntu
ubuntu
ICU vulnerability
2012-01-26 00:00:00
prion
prion
Stack overflow
2012-06-21 15:55:00
debiancve
debiancve
CVE-2011-4599
2012-06-21 15:55:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:08:51
centos
centos
icu, libicu security update
2011-12-14 00:14:20
amazon
amazon
Medium: icu
2012-01-09 09:18:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.219 Low
EPSS
Percentile
96.4%
Related for UB:CVE-2011-4599