Описание
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 52.1-8ubuntu1 |
| esm-infra-legacy/trusty | released | 52.1-3ubuntu0.3 |
| precise | not-affected | code not present |
| trusty | released | 52.1-3ubuntu0.3 |
| trusty/esm | released | 52.1-3ubuntu0.3 |
| upstream | released | 55.1 |
| utopic | released | 52.1-6ubuntu0.3 |
| vivid | released | 52.1-8ubuntu0.1 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bi ...
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.
Уязвимость библиотеки International Components for Unicode, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
EPSS
7.5 High
CVSS2