The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libicu-dev-dbgsym": "52.1-3ubuntu0.5", "icu-doc": "52.1-3ubuntu0.5", "libicu-dev": "52.1-3ubuntu0.5", "icu-devtools": "52.1-3ubuntu0.5", "libicu52-dbg": "52.1-3ubuntu0.5", "libicu52-dbgsym": "52.1-3ubuntu0.5", "libicu52": "52.1-3ubuntu0.5", "icu-devtools-dbgsym": "52.1-3ubuntu0.5" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libicu55": "55.1-7ubuntu0.1", "libicu-dev-dbgsym": "55.1-7ubuntu0.1", "icu-doc": "55.1-7ubuntu0.1", "libicu-dev": "55.1-7ubuntu0.1", "icu-devtools": "55.1-7ubuntu0.1", "libicu55-dbgsym": "55.1-7ubuntu0.1", "icu-devtools-dbgsym": "55.1-7ubuntu0.1", "libicu55-dbg": "55.1-7ubuntu0.1" } ] }