Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2016-7415

Published: 17/09/2016 Updated: 23/04/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to International Components For Unicode

Vulnerability Summary

Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) up to and including 57.1 for C/C++ allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

icu-project international components for unicode

Vendor Advisories

Debian CVElist Bug Report Logs: icu: CVE-2016-7415: Stack based buffer overflow in locid.cpp
Debian Bug report logs - #838694 icu: CVE-2016-7415: Stack based buffer overflow in locidcpp Package: src:icu; Maintainer for src:icu is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 23 Sep 2016 17:27:01 UTC Severity: important Tags: security, upstream F ...
Ubuntu Security Notice: icu vulnerabilities
Several security issues were fixed in ICU ...
Debian Security Advisories: DSA-3725-1 icu -- security update
Several vulnerabilities were discovered in the International Components for Unicode (ICU) library CVE-2014-9911 Michele Spagnuolo discovered a buffer overflow vulnerability which might allow remote attackers to cause a denial of service or possibly execute arbitrary code via crafted text CVE-2015-2632 An integer overflow vulnerab ...
Red Hat: CVE-2016-7415
Stack-based buffer overflow in the Locale class in common/locidcpp in International Components for Unicode (ICU) through 571 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string ...
Tenable Security Advisories: [R6] SecurityCenter 5.4.1 Fixes Multiple Vulnerabilities
SecurityCenter has recently been discovered to have several vulnerabilities Two were reported by external parties while the rest were discovered during internal testing Note that the library vulnerabilities were not fully diagnosed so SecurityCenter may or may not be impacted Tenable opted to upgrade the libraries as it was more efficient Detai ...

References

CWE-119https://bugs.php.net/bug.php?id=73007http://www.openwall.com/lists/oss-security/2016/09/15/10http://www.securityfocus.com/bid/93022https://security.gentoo.org/glsa/201701-58https://www.tenable.com/security/tns-2016-19https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694https://nvd.nist.govhttps://usn.ubuntu.com/3227-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367CVE-2024-35977CVE-2023-49335man-in-the-middleCVE-2024-4947CVE-2024-31714memory leakSQLCVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook