Showing 1 - 3 of 3

CVE-2019-18224

Status Candidate

Overview

idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.

Gentoo Linux Security Advisory 202003-63: Posted Mar 30, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202003-63 - Multiple vulnerabilities have been found in GNU IDN Library 2, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.2.0 are affected.; tags | advisory, remote, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2019-12290, CVE-2019-18224; MD5 | f1700aa0a875c05fb47f2d7447393006; Download | Favorite | View

Debian Security Advisory 4613-1: Posted Feb 3, 2020; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4613-1 - A heap-based buffer overflow vulnerability was discovered in the idn2_to_ascii_4i() function in libidn2, the GNU library for Internationalized Domain Names (IDNs), which could result in denial of service, or the execution of arbitrary code when processing a long domain string.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, debian; advisories | CVE-2019-18224; MD5 | bc4ea9e149abcc89a200608b389eeeca; Download | Favorite | View

Ubuntu Security Notice USN-4168-1: Posted Oct 29, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4168-1 - It was discovered that Libidn2 incorrectly handled certain inputs. A attacker could possibly use this issue to impersonate domains. It was discovered that Libidn2 incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2019-12290, CVE-2019-18224; MD5 | 10f4de4f7ee6c221a81466a5e5d7679b; Download | Favorite | View

Page 1 of 1 Back 1 Next