Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-18928

Опубликовано: 30 окт. 2018
Источник: redhat
CVSS3: 9.8

Описание

International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.

Отчет

This issue did not affect the versions of icu as shipped with Red Hat Enterprise Linux 5, 6 and 7 as they did not include the vulnerable class. This issue did not affect the versions of java-1.6.0-openjdk, java-1.7.0-openjdk and java-1.8.0-openjdk as shipped with Red Hat Enterprise Linux 5, 6 and 7 as they did not include the vulnerable class. This issue did not affect the versions of webkitgtk4 as shipped with Red Hat Enterprise Linux 7 as they did not include the vulnerable class.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5icuNot affected
Red Hat Enterprise Linux 5java-1.6.0-openjdkNot affected
Red Hat Enterprise Linux 5java-1.7.0-openjdkNot affected
Red Hat Enterprise Linux 6icuNot affected
Red Hat Enterprise Linux 6java-1.6.0-openjdkNot affected
Red Hat Enterprise Linux 6java-1.7.0-openjdkNot affected
Red Hat Enterprise Linux 6java-1.8.0-openjdkNot affected
Red Hat Enterprise Linux 7icuNot affected
Red Hat Enterprise Linux 7java-1.6.0-openjdkNot affected
Red Hat Enterprise Linux 7java-1.7.0-openjdkNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1646702icu: integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp

9.8 Critical

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-18928

CVSS3: 9.8
ubuntu
больше 7 лет назад

International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.

nvd логотип

CVE-2018-18928

CVSS3: 9.8
nvd
больше 7 лет назад

International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.

debian логотип

CVE-2018-18928

CVSS3: 9.8
debian
больше 7 лет назад

International Components for Unicode (ICU) for C/C++ 63.1 has an integ ...

github логотип

GHSA-m2ch-6888-5mgr

CVSS3: 9.8
github
больше 3 лет назад

International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.

9.8 Critical

CVSS3