Mandriva Linux Security Advisory 2015-161 - The Regular Expressions package in International Components for Unicode 52 before SVN revision 292944 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a zero-length quantifier or look-behind expression. The collator implementation in i18n/ucol.cpp in International Components for Unicode 52 through SVN revision 293126 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence. It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
49d3630130b46ac02279d010879b18cd3f011430b7437293db81abac638f510bMandriva Linux Security Advisory 2015-161 - Updated icu packages fix multiple security vulnerabilities.
566144e517320f25cda8c8094b5ee49b12023f9fdf5e6d20e62106a78c9eeb73Debian Linux Security Advisory 3187-1 - Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.
64876d739a618d4738968aa9618e06e3e4463eb6a94b3a4385ce569612e895cfGentoo Linux Security Advisory 201503-6 - Multiple vulnerabilities have been found in ICU, possibly resulting in Denial of Service. Versions less than 54.1-r1 are affected.
c5d993eeb91b30c1b8c6937c07a1c05ecd7be7753c708804f154c441eb93a20fUbuntu Security Notice 2522-1 - It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
d3c988929535c9500791efbeb3a03723d205b27224cb047b0c7ae7692d311974Gentoo Linux Security Advisory 201502-13 - Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to cause Denial of Service or gain escalated privileges. Versions less than 40.0.2214.111 are affected.
b141f2ae3308d17a9226400eb6145c29f4202b6063a681a62050f283b886aff1Red Hat Security Advisory 2015-0093-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium.
15bcdc47727fc0ad0b65702ab55c64ea44a92ad6a771e7347758eaea43b886bbUbuntu Security Notice 2476-1 - Several memory corruption bugs were discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. A use-after-free was discovered in the IndexedDB implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
4b012cc93b432974585bdaa69ccd2b26a0cf1276a7848f5b6ef849f73afc23be
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed