The Regular Expressions package in International Components for Unicode (ICU) for C/C++ prior to 2014-12-03, as used in Google Chrome prior to 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
icu-project international components for unicode |