what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

CVE-2011-4599

Status Candidate

Overview

Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.

Related Files

Gentoo Linux Security Advisory 201209-07
Posted Sep 25, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-7 - A buffer overflow in International Components for Unicode could result in execution of arbitrary code or Denial of Service. Versions less than 49.1.1-r1 are affected.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2011-4599
MD5 | 00cc7b0c2ea880271cfb425cad87a71b
Apple Security Advisory 2012-09-24-1
Posted Sep 25, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-24-1 - Apple TV 5.1 is now available and addresses issues relating to malicious media loading, memory corruption, and more.

tags | advisory
systems | apple
advisories | CVE-2011-1167, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2011-3919, CVE-2011-4599, CVE-2012-0682, CVE-2012-0683, CVE-2012-1173, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3678, CVE-2012-3679, CVE-2012-3722, CVE-2012-3725, CVE-2012-3726
MD5 | 02d5cf6eea27e80e9fb74ce87ba23963
Apple Security Advisory 2012-09-19-2
Posted Sep 22, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-19-2 - OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 are now available and address Apache, BIND, CoreText, Data Security, and many other vulnerabilities.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-3026, CVE-2011-3048, CVE-2011-3368, CVE-2011-3389, CVE-2011-3607, CVE-2011-4313, CVE-2011-4317, CVE-2011-4599, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2012-0643, CVE-2012-0650, CVE-2012-0652, CVE-2012-0668, CVE-2012-0670, CVE-2012-0671, CVE-2012-0831, CVE-2012-1172, CVE-2012-1173, CVE-2012-1667, CVE-2012-1823, CVE-2012-2143, CVE-2012-2311, CVE-2012-2386, CVE-2012-2688, CVE-2012-3716, CVE-2012-3718
MD5 | 84dbb60b867b299238ac262bdf6502cf
Debian Security Advisory 2397-1
Posted Jan 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2397-1 - It was discovered that a buffer overflow in the Unicode library ICU could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-4599
MD5 | 34098d57e9d12d3b3947c2fb58c89cf8
Ubuntu Security Notice USN-1348-1
Posted Jan 26, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1348-1 - It was discovered that ICU did not properly handle invalid locale data during Unicode conversion. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-4599
MD5 | 461155e39c9d65c89229d5b386cb826a
Mandriva Linux Security Advisory 2011-194
Posted Dec 27, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-194 - A stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially-crafted locale representation was opened in an application linked against ICU, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct this issue.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-4599
MD5 | d448a8d685c1b530b35237c09c4c0266
Red Hat Security Advisory 2011-1815-01
Posted Dec 14, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1815-01 - The International Components for Unicode library provides robust and full-featured Unicode services. A stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially-crafted locale representation was opened in an application linked against ICU, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. All users of ICU should upgrade to these updated packages, which contain a backported patch to resolve this issue. All applications linked against ICU must be restarted for this update to take effect.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-4599
MD5 | 4604447cb40c19eff6eb6ed161b4a0d6
Page 1 of 1
Back1Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close