Showing 1 - 8 of 8

CVE-2014-8146

Status Candidate

Overview

The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.

Related Files

Apple Security Advisory 2015-09-30-03: Posted Oct 1, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-30-03 - OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases.; tags | advisory, vulnerability; systems | apple, osx; advisories | CVE-2013-3951, CVE-2014-2532, CVE-2014-3618, CVE-2014-6277, CVE-2014-7186, CVE-2014-7187, CVE-2014-8080, CVE-2014-8090, CVE-2014-8146, CVE-2014-8147, CVE-2014-8611, CVE-2014-9425, CVE-2014-9427, CVE-2014-9652, CVE-2014-9705, CVE-2014-9709, CVE-2015-0231, CVE-2015-0232, CVE-2015-0235, CVE-2015-0273, CVE-2015-0286, CVE-2015-0287, CVE-2015-1351, CVE-2015-1352, CVE-2015-1855, CVE-2015-2301, CVE-2015-2305, CVE-2015-2331; MD5 | 394e001ee3e97a0e28026a7e3dd1db7f; Download | Favorite | View

Apple Security Advisory 2015-09-21-1: Posted Sep 22, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-21-1 - watchOS 2 is now available and addresses unexpected application termination and interception issues.; tags | advisory; systems | apple; advisories | CVE-2014-8146, CVE-2015-1205, CVE-2015-5895, CVE-2015-5916; MD5 | 5f80c4f141e1954b8cb9311e5dfcf0e6; Download | Favorite | View

Apple Security Advisory 2015-09-16-3: Posted Sep 19, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-16-3 - iTunes 12.3 is now available and addresses code execution, application termination, memory corruption, and various other vulnerabilities.; tags | advisory, vulnerability, code execution; systems | apple; advisories | CVE-2010-3190, CVE-2014-8146, CVE-2015-1152, CVE-2015-1153, CVE-2015-1157, CVE-2015-1205, CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, CVE-2015-3730, CVE-2015-3731, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749; MD5 | a6d608f78e70efc46b371a2d2b52f21a; Download | Favorite | View

Apple Security Advisory 2015-09-16-1: Posted Sep 19, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-16-1 - iOS 9 is now available and addresses denial of service, information disclosure, and various other issues.; tags | advisory, denial of service, info disclosure; systems | cisco, apple, ios; advisories | CVE-2013-3951, CVE-2014-8146, CVE-2014-8611, CVE-2015-0286, CVE-2015-0287, CVE-2015-1129, CVE-2015-1205, CVE-2015-3801, CVE-2015-5522, CVE-2015-5523, CVE-2015-5748, CVE-2015-5764, CVE-2015-5765, CVE-2015-5767, CVE-2015-5788, CVE-2015-5789, CVE-2015-5790, CVE-2015-5791, CVE-2015-5792, CVE-2015-5793, CVE-2015-5794, CVE-2015-5795, CVE-2015-5796, CVE-2015-5797, CVE-2015-5799, CVE-2015-5800, CVE-2015-5801, CVE-2015-5802; MD5 | 7b03357b15268d01c550259d8e5434d4; Download | Favorite | View

Debian Security Advisory 3323-1: Posted Aug 4, 2015; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3323-1 - Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2014-6585, CVE-2014-8146, CVE-2014-8147, CVE-2015-4760; MD5 | 3b227f5b9c4afc27de34ba1dd8f7e610; Download | Favorite | View

Gentoo Linux Security Advisory 201507-04: Posted Jul 7, 2015; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201507-4 - Multiple vulnerabilities have been found in International Components for Unicode, allowing attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 55.1 are affected.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2014-8146, CVE-2014-8147; MD5 | 134376411e97c688d7cf50dcacb15896; Download | Favorite | View

Ubuntu Security Notice USN-2605-1: Posted May 11, 2015; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2605-1 - Pedro Ribeiro discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2014-8146, CVE-2014-8147; MD5 | b06af4a4540c40c0bb44e51e1bab8a6a; Download | Favorite | View

ICU Heap / Integer Overflows: Posted May 5, 2015; Authored by Pedro Ribeiro; The ICU library suffers from heap and integer overflows. Confirmed vulnerable are versions 52 through 54.; tags | advisory, overflow; advisories | CVE-2014-8146, CVE-2014-8147; MD5 | c20f81dbe5f336d4b887a8ebb2a797f4; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 93 files
Gentoo 55 files
malvuln 50 files
Ubuntu 23 files
faisalfs10x 12 files
Ron Jost 8 files
Apple 7 files
Google Security Research 6 files
Subhadip Nag 4 files
LiquidWorm 4 files

File Archives

Systems

AIX (422)
Apple (1,811)
BSD (368)
CentOS (53)
Cisco (1,907)
Debian (5,946)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,148)
HPUX (874)
iOS (295)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (40,388)
Mac OS X (679)
Mandriva (3,105)
NetBSD (255)
OpenBSD (474)
RedHat (10,281)
Slackware (941)
Solaris (1,600)
SUSE (1,444)
Ubuntu (7,336)
UNIX (8,937)
UnixWare (181)
Windows (6,065)
Other

CVE-2014-8146

Overview

Related Files

File Archive:

July 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems