exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2014-7940

Status Candidate

Overview

The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence.

Related Files

Mandriva Linux Security Advisory 2015-161-1
Posted Apr 2, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-161 - The Regular Expressions package in International Components for Unicode 52 before SVN revision 292944 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a zero-length quantifier or look-behind expression. The collator implementation in i18n/ucol.cpp in International Components for Unicode 52 through SVN revision 293126 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence. It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2014-6585, CVE-2014-6591, CVE-2014-7923, CVE-2014-7926, CVE-2014-7940
SHA-256 | 49d3630130b46ac02279d010879b18cd3f011430b7437293db81abac638f510b
Mandriva Linux Security Advisory 2015-161
Posted Mar 31, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-161 - Updated icu packages fix multiple security vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2014-6585, CVE-2014-6591, CVE-2014-7923, CVE-2014-7926, CVE-2014-7940
SHA-256 | 566144e517320f25cda8c8094b5ee49b12023f9fdf5e6d20e62106a78c9eeb73
Debian Security Advisory 3187-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3187-1 - Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419, CVE-2014-6585, CVE-2014-6591, CVE-2014-7923, CVE-2014-7926, CVE-2014-7940, CVE-2014-9654
SHA-256 | 64876d739a618d4738968aa9618e06e3e4463eb6a94b3a4385ce569612e895cf
Gentoo Linux Security Advisory 201503-06
Posted Mar 16, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-6 - Multiple vulnerabilities have been found in ICU, possibly resulting in Denial of Service. Versions less than 54.1-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-7923, CVE-2014-7926, CVE-2014-7940, CVE-2014-9654
SHA-256 | c5d993eeb91b30c1b8c6937c07a1c05ecd7be7753c708804f154c441eb93a20f
Ubuntu Security Notice USN-2522-3
Posted Mar 11, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2522-3 - USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have now been updated to fix the regression.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419, CVE-2014-6585, CVE-2014-6591, CVE-2014-7940
SHA-256 | 6819460584d09163605ab124e5445cc2bd77359c598577feb67f5076d761423a
Ubuntu Security Notice USN-2522-2
Posted Mar 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2522-2 - USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have been temporarily backed out until the regression is investigated. It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2013-2419, CVE-2014-6591, CVE-2014-7940
SHA-256 | 176846ea7d6434ad158a303218705a12d6028f9921b3142014f7cde21e95132f
Ubuntu Security Notice USN-2522-1
Posted Mar 5, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2522-1 - It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419, CVE-2014-6585, CVE-2014-6591, CVE-2014-7923, CVE-2014-7926, CVE-2014-7940, CVE-2014-9654
SHA-256 | d3c988929535c9500791efbeb3a03723d205b27224cb047b0c7ae7692d311974
Gentoo Linux Security Advisory 201502-13
Posted Feb 17, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-13 - Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to cause Denial of Service or gain escalated privileges. Versions less than 40.0.2214.111 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7935, CVE-2014-7936, CVE-2014-7937, CVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941, CVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945, CVE-2014-7946, CVE-2014-7947, CVE-2014-7948, CVE-2014-9646, CVE-2014-9647
SHA-256 | b141f2ae3308d17a9226400eb6145c29f4202b6063a681a62050f283b886aff1
Red Hat Security Advisory 2015-0093-01
Posted Jan 28, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0093-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7935, CVE-2014-7936, CVE-2014-7937, CVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941, CVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945, CVE-2014-7946, CVE-2014-7947, CVE-2014-7948
SHA-256 | 15bcdc47727fc0ad0b65702ab55c64ea44a92ad6a771e7347758eaea43b886bb
Ubuntu Security Notice USN-2476-1
Posted Jan 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2476-1 - Several memory corruption bugs were discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. A use-after-free was discovered in the IndexedDB implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7937, CVE-2014-7938, CVE-2014-7940, CVE-2014-7942, CVE-2014-7943, CVE-2014-7946, CVE-2014-7948, CVE-2015-1205, CVE-2015-1346
SHA-256 | 4b012cc93b432974585bdaa69ccd2b26a0cf1276a7848f5b6ef849f73afc23be
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close