First published: Thu Jun 21 2012(Updated: )
International Components for Unicode is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the _canonicalize( ) function. By supplying a negative len value, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Icu-project International Components For Unicode | <49.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.