Atte Kettunen discovered that ICU incorrectly handled certain converter names. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash. (CVE-2015-1270)
It was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-2632, CVE-2015-4760)
{ "availability": "No subscription required", "binaries": [ { "libicu-dev-dbgsym": "52.1-3ubuntu0.4", "icu-doc": "52.1-3ubuntu0.4", "libicu-dev": "52.1-3ubuntu0.4", "icu-devtools": "52.1-3ubuntu0.4", "libicu52-dbg": "52.1-3ubuntu0.4", "libicu52-dbgsym": "52.1-3ubuntu0.4", "libicu52": "52.1-3ubuntu0.4", "icu-devtools-dbgsym": "52.1-3ubuntu0.4" } ] }