CVE-2017-15422

Published: 28/08/2018 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ prior to 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.

Vulnerable Product

google chrome

icu-project international components for unicode

debian debian linux 8.0

debian debian linux 9.0

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

canonical ubuntu linux 17.10

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

Vendor Advisories

Synopsis: Critical: chromium-browser security update. Type/Severity: Security Advisory: Critical. Topic: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scor ...
Debian Bug report logs - #892766 CVE-2017-15422 Package: src:icu; Maintainer for src:icu is Laszlo Boszormenyi (GCS) <gcs@debian.org>; Reported by: Moritz Muehlenhoff <jmm@debian.org> Date: Mon, 12 Mar 2018 18:57:02 UTC Severity: grave Tags: fixed-upstream, security, upstream Found in versions icu/57.1-1, icu/57.1-8 ...
ICU could be made to crash if it received specially crafted input ...
It was discovered that an integer overflow in the International Components for Unicode (ICU) library could result in denial of service and potentially the execution of arbitrary code. For the oldstable distribution (jessie), this problem has been fixed in version 52.1-8+deb8u7. For the stable distribution (stretch), this problem has been fixed in v ...
Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page ...
An integer overflow has been found in the ICU component of the Chromium browser before 63.0.3239.84 ...