Lucene search

K

Gentoo FoundationMGASA-2015-0102

HistoryMar 10, 2015 - 7:48 p.m.

Updated icu packages fix security vulnerability

2015-03-1019:48:25

Gentoo Foundation

advisories.mageia.org

40

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

EPSS

0.008

Percentile

82.0%

It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program (CVE-2014-6585, CVE-2014-6591).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchicu< 52.1-2.2icu-52.1-2.2.mga4

References

www.ubuntu.com/usn/usn-2522-1/

bugs.mageia.org/show_bug.cgi?id=15435

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

EPSS

0.008

Percentile

82.0%

Related for MGASA-2015-0102

nessus64 prion2 debiancve2 veracode2 cvelist2 openvas47 nvd2 cve2 fedora6 ubuntucve2 redhat13 securityvulns2 osv5 ubuntu5 debian7 f54 centos4 amazon3 oraclelinux4 mageia1 ibm10 suse3 aix1 archlinux4 gentoo1 kaspersky1