CVE

Id
77212  
CVE No.
CVE-2014-9911  
Status
Candidate  
Description
Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call.  
Phase
Assigned (20161124)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
707618 77212 CVE-2014-9911 MLIST:[oss-security] 20161124 Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName  View
707619 77212 CVE-2014-9911 URL:http://www.openwall.com/lists/oss-security/2016/11/25/1  View
707620 77212 CVE-2014-9911 CONFIRM:http://bugs.icu-project.org/trac/changeset/35699  View
707621 77212 CVE-2014-9911 CONFIRM:http://bugs.icu-project.org/trac/ticket/1089  View
707622 77212 CVE-2014-9911 CONFIRM:https://bugs.php.net/bug.php?id=67397  View
707623 77212 CVE-2014-9911 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1383569  View
707624 77212 CVE-2014-9911 BID:94520  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
5710 JVNDB-2015-001030 複数の Microsoft Windows 製品の Windows Error Reporting コンポーネントにおける Protected Process Light 保護メカニズムを回避される脆弱性 複数の Microsoft Windows 製品の Windows Error Reporting (WER) コンポーネントには、Protected Process Light 保護メカニズムを回避され、任意のプロセスメモリ領域のコンテンツを読まれる脆弱性が存在します。 CVE-2015-0001 77212 1.9 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001030.html  View