CVE-2016-6263

Опубликовано: 07 сент. 2016

Источник: ubuntu

Приоритет: medium

CVSS2: 5

CVSS3: 7.5

Описание

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.

Релиз	Статус	Примечание
devel	not-affected	1.33-1
esm-infra-legacy/trusty	released	1.28-1ubuntu2.1
esm-infra/xenial	released	1.32-3ubuntu1.1
precise	released	1.23-2ubuntu0.1
precise/esm	not-affected	1.23-2ubuntu0.1
trusty	released	1.28-1ubuntu2.1
trusty/esm	released	1.28-1ubuntu2.1
upstream	released	1.33-1
vivid/stable-phone-overlay	ignored	end of life
vivid/ubuntu-core	released	1.28-1ubuntu2.15.04.1

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2016-6263

CVSS3: 3.7

redhat

около 10 лет назад

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.

CVE-2016-6263

CVSS3: 7.5

nvd

больше 9 лет назад

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.

CVE-2016-6263

CVSS3: 7.5

debian

больше 9 лет назад

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn be ...

GHSA-4q6w-2734-9q8x

CVSS3: 7.5

github

больше 3 лет назад

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.

openSUSE-SU-2016:2135-1

suse-cvrf

больше 9 лет назад

Security update for libidn

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2016-6263

Описание

Пакет libidn

Ссылки на источники

Связанные уязвимости