Vulnerabilities for Libidn (...) - CXSECURITY.COM

Vulnerabilities for 'Libidn'

2016-09-07

CVE-2016-6263

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.

CVE-2016-6262

CWE-125

idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.

CVE-2016-6261

CWE-125

The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.

CVE-2015-8948

CWE-125

idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.

2015-08-12

CVE-2015-2059

CWE-119

The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.

>>> Vendor: GNU 108 Products

Data display debugger

Realtime linux security module

Gnutls libtasn1

See all Products for Vendor GNU

Copyright 2024, cxsecurity.com