Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.703187
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 3187-1 (icu - security update)
Summary:Several vulnerabilities were discovered;in the International Components for Unicode (ICU) library.;;CVE-2013-1569;Glyph table issue.;;CVE-2013-2383;Glyph table issue.;;CVE-2013-2384;Font layout issue.;;CVE-2013-2419;Font processing issue.;;CVE-2014-6585;Out-of-bounds read.;;CVE-2014-6591;Additional out-of-bounds reads.;;CVE-2014-7923;Memory corruption in regular expression comparison.;;CVE-2014-7926;Memory corruption in regular expression comparison.;;CVE-2014-7940;Uninitialized memory.;;CVE-2014-9654;More regular expression flaws.
Description:Summary:
Several vulnerabilities were discovered
in the International Components for Unicode (ICU) library.

CVE-2013-1569
Glyph table issue.

CVE-2013-2383
Glyph table issue.

CVE-2013-2384
Font layout issue.

CVE-2013-2419
Font processing issue.

CVE-2014-6585
Out-of-bounds read.

CVE-2014-6591
Additional out-of-bounds reads.

CVE-2014-7923
Memory corruption in regular expression comparison.

CVE-2014-7926
Memory corruption in regular expression comparison.

CVE-2014-7940
Uninitialized memory.

CVE-2014-9654
More regular expression flaws.

Affected Software/OS:
icu on Debian Linux

Solution:
For the stable distribution (wheezy),
these problems have been fixed in version 4.8.1.1-12+deb7u2.

For the upcoming stable (jessie) and unstable (sid) distributions, these
problems have been fixed in version 52.1-7.1.

We recommend that you upgrade your icu packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-1569
http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html
BugTraq ID: 59166
http://www.securityfocus.com/bid/59166
Cert/CC Advisory: TA13-107A
http://www.us-cert.gov/ncas/alerts/TA13-107A
http://security.gentoo.org/glsa/glsa-201406-32.xml
HPdes Security Advisory: HPSBUX02889
http://marc.info/?l=bugtraq&m=137283787217316&w=2
HPdes Security Advisory: HPSBUX02922
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
HPdes Security Advisory: SSRT101252
HPdes Security Advisory: SSRT101305
http://www.mandriva.com/security/advisories?name=MDVSA-2013:145
http://www.mandriva.com/security/advisories?name=MDVSA-2013:161
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/6784c9903db7
https://bugzilla.redhat.com/show_bug.cgi?id=952711
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16697
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19327
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19556
RedHat Security Advisories: RHSA-2013:0752
http://rhn.redhat.com/errata/RHSA-2013-0752.html
RedHat Security Advisories: RHSA-2013:0757
http://rhn.redhat.com/errata/RHSA-2013-0757.html
RedHat Security Advisories: RHSA-2013:0758
http://rhn.redhat.com/errata/RHSA-2013-0758.html
RedHat Security Advisories: RHSA-2013:1455
http://rhn.redhat.com/errata/RHSA-2013-1455.html
RedHat Security Advisories: RHSA-2013:1456
http://rhn.redhat.com/errata/RHSA-2013-1456.html
SuSE Security Announcement: SUSE-SU-2013:0814 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html
SuSE Security Announcement: SUSE-SU-2013:0835 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html
SuSE Security Announcement: SUSE-SU-2013:0871 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html
SuSE Security Announcement: SUSE-SU-2013:0934 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html
SuSE Security Announcement: openSUSE-SU-2013:0777 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html
SuSE Security Announcement: openSUSE-SU-2013:0964 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html
http://www.ubuntu.com/usn/USN-1806-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2383
BugTraq ID: 59190
http://www.securityfocus.com/bid/59190
https://bugzilla.redhat.com/show_bug.cgi?id=952708
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16564
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19291
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19725
Common Vulnerability Exposure (CVE) ID: CVE-2013-2384
BugTraq ID: 59179
http://www.securityfocus.com/bid/59179
https://bugzilla.redhat.com/show_bug.cgi?id=952709
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16549
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19341
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19549
Common Vulnerability Exposure (CVE) ID: CVE-2013-2419
BugTraq ID: 59131
http://www.securityfocus.com/bid/59131
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16527
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19386
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19526
Common Vulnerability Exposure (CVE) ID: CVE-2014-6585
BugTraq ID: 72173
http://www.securityfocus.com/bid/72173
Debian Security Information: DSA-3144 (Google Search)
http://www.debian.org/security/2015/dsa-3144
Debian Security Information: DSA-3147 (Google Search)
http://www.debian.org/security/2015/dsa-3147
Debian Security Information: DSA-3323 (Google Search)
http://www.debian.org/security/2015/dsa-3323
https://security.gentoo.org/glsa/201507-14
https://security.gentoo.org/glsa/201603-14
HPdes Security Advisory: HPSBUX03273
http://marc.info/?l=bugtraq&m=142496355704097&w=2
HPdes Security Advisory: HPSBUX03281
http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581
HPdes Security Advisory: SSRT101951
HPdes Security Advisory: SSRT101968
http://marc.info/?l=bugtraq&m=142607790919348&w=2
RedHat Security Advisories: RHSA-2015:0068
http://rhn.redhat.com/errata/RHSA-2015-0068.html
RedHat Security Advisories: RHSA-2015:0079
http://rhn.redhat.com/errata/RHSA-2015-0079.html
RedHat Security Advisories: RHSA-2015:0080
http://rhn.redhat.com/errata/RHSA-2015-0080.html
RedHat Security Advisories: RHSA-2015:0085
http://rhn.redhat.com/errata/RHSA-2015-0085.html
RedHat Security Advisories: RHSA-2015:0086
http://rhn.redhat.com/errata/RHSA-2015-0086.html
RedHat Security Advisories: RHSA-2015:0136
http://rhn.redhat.com/errata/RHSA-2015-0136.html
RedHat Security Advisories: RHSA-2015:0264
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://www.securitytracker.com/id/1031580
SuSE Security Announcement: SUSE-SU-2015:0336 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html
SuSE Security Announcement: SUSE-SU-2015:0503 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html
SuSE Security Announcement: openSUSE-SU-2015:0190 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html
http://www.ubuntu.com/usn/USN-2486-1
http://www.ubuntu.com/usn/USN-2487-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-6591
BugTraq ID: 72175
http://www.securityfocus.com/bid/72175
Common Vulnerability Exposure (CVE) ID: CVE-2014-7923
BugTraq ID: 72288
http://www.securityfocus.com/bid/72288
http://security.gentoo.org/glsa/glsa-201502-13.xml
https://security.gentoo.org/glsa/201503-06
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
RedHat Security Advisories: RHSA-2015:0093
http://rhn.redhat.com/errata/RHSA-2015-0093.html
http://www.securitytracker.com/id/1031623
http://secunia.com/advisories/62383
http://secunia.com/advisories/62575
http://secunia.com/advisories/62665
SuSE Security Announcement: openSUSE-SU-2015:0441 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html
http://www.ubuntu.com/usn/USN-2476-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-7926
Common Vulnerability Exposure (CVE) ID: CVE-2014-7940
Common Vulnerability Exposure (CVE) ID: CVE-2014-9654
http://openwall.com/lists/oss-security/2015/02/05/15
http://www.securitytracker.com/id/1035410
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.