A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
{ "vanir_signatures": [ { "deprecated": false, "digest": { "function_hash": "192840441545114378619813250366979318845", "length": 738.0 }, "source": "https://github.com/unicode-org/icu/commit/e387c69929ca8efd74b18c003818eaf1aa72796e", "signature_type": "Function", "id": "CVE-2017-15396-0665be7a", "signature_version": "v1", "target": { "function": "Calendar::Calendar", "file": "icu4c/source/i18n/calendar.cpp" } }, { "deprecated": false, "digest": { "line_hashes": [ "325685802249717243591186478154447385681", "330425111751708711986405029191010233063", "302617518288185007915410602740154765375", "65927760232024905311805398030519512192", "220088122259980491942425324046117488059", "334568181182330390454228188089148380707", "70812089052326599596021665023762728037", "325685802249717243591186478154447385681", "330425111751708711986405029191010233063", "302617518288185007915410602740154765375", "65927760232024905311805398030519512192", "11214167307563743030815599546084798569", "32851899556968729898458798557357405502", "183229318103647865732631129237705043188", "325685802249717243591186478154447385681", "330425111751708711986405029191010233063", "302617518288185007915410602740154765375", "65927760232024905311805398030519512192", "11214167307563743030815599546084798569", "32851899556968729898458798557357405502", "183229318103647865732631129237705043188", "140052210765090965669177173444601724255", "57828577385504098153271804074135426384", "263624532797666685604441857636028381824", "101436063379484036608588423828308594749" ], "threshold": 0.9 }, "source": "https://github.com/unicode-org/icu/commit/e387c69929ca8efd74b18c003818eaf1aa72796e", "signature_type": "Line", "id": "CVE-2017-15396-639f56a1", "signature_version": "v1", "target": { "file": "icu4c/source/i18n/calendar.cpp" } }, { "deprecated": false, "digest": { "function_hash": "313906442919399688347780690747714393675", "length": 1156.0 }, "source": "https://github.com/unicode-org/icu/commit/e387c69929ca8efd74b18c003818eaf1aa72796e", "signature_type": "Function", "id": "CVE-2017-15396-8515c455", "signature_version": "v1", "target": { "function": "operator=", "file": "icu4c/source/i18n/calendar.cpp" } }, { "deprecated": false, "digest": { "function_hash": "36907280711190410477535904309479707110", "length": 605.0 }, "source": "https://github.com/unicode-org/icu/commit/e387c69929ca8efd74b18c003818eaf1aa72796e", "signature_type": "Function", "id": "CVE-2017-15396-951fc50c", "signature_version": "v1", "target": { "function": "Calendar::Calendar", "file": "icu4c/source/i18n/calendar.cpp" } }, { "deprecated": false, "digest": { "function_hash": "213150955025431990309305928145694457188", "length": 618.0 }, "source": "https://github.com/unicode-org/icu/commit/e387c69929ca8efd74b18c003818eaf1aa72796e", "signature_type": "Function", "id": "CVE-2017-15396-b6217108", "signature_version": "v1", "target": { "function": "Calendar::Calendar", "file": "icu4c/source/i18n/calendar.cpp" } } ] }