10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.3 Medium
AI Score
Confidence
Low
0.057 Low
EPSS
Percentile
93.4%
It was discovered that ICU incorrectly handled memory operations when
processing fonts. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program. This issue only affected
Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,
CVE-2013-2419)
It was discovered that ICU incorrectly handled memory operations when
processing fonts. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program. (CVE-2014-6585,
CVE-2014-6591)
It was discovered that ICU incorrectly handled memory operations when
processing regular expressions. If an application using ICU processed
crafted data, an attacker could cause it to crash or potentially execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)
It was discovered that ICU collator implementation incorrectly handled
memory operations. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program. (CVE-2014-7940)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.10 | noarch | libicu52 | < 52.1-6ubuntu0.2 | UNKNOWN |
Ubuntu | 14.10 | noarch | icu-devtools | < 52.1-6ubuntu0.2 | UNKNOWN |
Ubuntu | 14.10 | noarch | libicu-dev | < 52.1-6ubuntu0.2 | UNKNOWN |
Ubuntu | 14.10 | noarch | libicu52-dbg | < 52.1-6ubuntu0.2 | UNKNOWN |
Ubuntu | 14.04 | noarch | libicu52 | < 52.1-3ubuntu0.2 | UNKNOWN |
Ubuntu | 14.04 | noarch | icu-devtools | < 52.1-3ubuntu0.2 | UNKNOWN |
Ubuntu | 14.04 | noarch | libicu-dev | < 52.1-3ubuntu0.2 | UNKNOWN |
Ubuntu | 14.04 | noarch | libicu52-dbg | < 52.1-3ubuntu0.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libicu48 | < 4.8.1.1-3ubuntu0.3 | UNKNOWN |
Ubuntu | 12.04 | noarch | lib32icu-dev | < 4.8.1.1-3ubuntu0.3 | UNKNOWN |
ubuntu.com/security/CVE-2013-1569
ubuntu.com/security/CVE-2013-2383
ubuntu.com/security/CVE-2013-2384
ubuntu.com/security/CVE-2013-2419
ubuntu.com/security/CVE-2014-6585
ubuntu.com/security/CVE-2014-6591
ubuntu.com/security/CVE-2014-7923
ubuntu.com/security/CVE-2014-7926
ubuntu.com/security/CVE-2014-7940
ubuntu.com/security/CVE-2014-9654
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.3 Medium
AI Score
Confidence
Low
0.057 Low
EPSS
Percentile
93.4%