Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
668
VMScore

CVE-2017-14062

Published: 31/08/2017 Updated: 07/12/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Gnu

Vulnerability Summary

Integer overflow in the decode_digit function in puny_decode.c in Libidn2 prior to 2.0.4 allows remote malicious users to cause a denial of service or possibly have unspecified other impact.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gnu libidn2

debian debian linux 8.0

debian debian linux 9.0

debian debian linux 10.0

Vendor Advisories

Debian CVElist Bug Report Logs: libidn2-0: CVE-2017-14062: integer overflow in decode_digit
Debian Bug report logs - #873902 libidn2-0: CVE-2017-14062: integer overflow in decode_digit Package: src:libidn2-0; Maintainer for src:libidn2-0 is Debian Libidn team <help-libidn@gnuorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 1 Sep 2017 04:57:02 UTC Severity: important Tags: patch, secu ...
Debian CVElist Bug Report Logs: libidn2-0: CVE-2017-14061: integer overflow in _isBidi function
Debian Bug report logs - #873904 libidn2-0: CVE-2017-14061: integer overflow in _isBidi function Package: src:libidn2-0; Maintainer for src:libidn2-0 is Debian Libidn team <help-libidn@gnuorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 1 Sep 2017 05:12:02 UTC Severity: important Tags: patch, ...
Debian Security Advisories: DSA-3988-1 libidn2-0 -- security update
An integer overflow vulnerability was discovered in decode_digit() in libidn2-0, the GNU library for Internationalized Domain Names (IDNs), allowing a remote attacker to cause a denial of service against an application using the library (application crash) For the oldstable distribution (jessie), this problem has been fixed in version 010-2+deb8u ...
Ubuntu Security Notice: libidn vulnerability
Libidn could be made to crash or run programs if it processed specially crafted input ...
Ubuntu Security Notice: libidn vulnerability
Libidn could be made to crash or run programs if it processed specially crafted input ...
Ubuntu Security Notice: libidn2-0 vulnerability
Libidn2 could be made to crash if it received specially crafted input ...
Red Hat: CVE-2017-14062
Integer overflow in the decode_digit function in puny_decodec in Libidn2 before 204 allows remote attackers to cause a denial of service or possibly have unspecified other impact ...

References

CWE-190https://gitlab.com/libidn/libidn2/commit/3284eb342cd0ed1a18786e3fcdf0cdd7e76676bdhttps://gitlab.com/libidn/libidn2/blob/master/NEWShttp://www.debian.org/security/2017/dsa-3988https://lists.debian.org/debian-lts-announce/2018/07/msg00040.htmlhttps://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873902https://usn.ubuntu.com/3434-2/https://www.debian.org/security/./dsa-3988
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook