International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.
References
Link | Resource |
---|---|
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437 | Third Party Advisory |
http://bugs.icu-project.org/trac/changeset/39671 | Patch |
http://www.securityfocus.com/bid/97674 | Third Party Advisory VDB Entry |
https://security.gentoo.org/glsa/201710-03 | Third Party Advisory |
http://www.debian.org/security/2017/dsa-3830 | Third Party Advisory |
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html |
Information
Published : 2017-04-13 21:59
Updated : 2019-04-23 12:31
NVD link : CVE-2017-7868
Mitre link : CVE-2017-7868
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
icu-project
- international_components_for_unicode
debian
- debian_linux