CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2015-8948 – Ubuntu Security Notice USN-3068-1
https://notcve.org/view.php?id=CVE-2015-8948
24 Aug 2016 — idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read. idn en GNU libidn en versiones anteriores a 1.33 podría permitir a atacantes remotos obtener información de memoria sensible mediante la lectura de un byte cero como entrada, lo que desencadena una lectura fuera de rango. Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Libidn incorrectly handled i... • http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=570e68886c41c2e765e6218cb317d9a9a447a041 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 4%CPEs: 5EXPL: 0CVE-2016-6261 – Ubuntu Security Notice USN-3068-1
https://notcve.org/view.php?id=CVE-2016-6261
24 Aug 2016 — The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input. La función idna_to_ascii_4i en lib/idna.c en libidn en versiones anteriores a 1.33 permite a atacantes dependientes del contexto provocar una denegación de servicio (lectura fuera de límites y caída) a través de 64 bytes de entrada. Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Li... • http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=f20ce1128fb7f4d33297eee307dddaf0f92ac72d • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2016-6262 – Ubuntu Security Notice USN-3068-1
https://notcve.org/view.php?id=CVE-2016-6262
24 Aug 2016 — idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948. idn en libidn en versiones anteriores a 1.33 podría permitir a atacantes remotos obtener información de memoria sensible mediante la lectura de un byte cero como entrada, lo que desencadena una lectura fuera de límites, una vulnerabilidad diferente a CVE-2015-8948. Thijs Alkemade, Gustavo Grieco, Dan... • http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=5e3cb9c7b5bf0ce665b9d68f5ddf095af5c9ba60 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0CVE-2016-6263 – Gentoo Linux Security Advisory 201908-06
https://notcve.org/view.php?id=CVE-2016-6263
24 Aug 2016 — The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data. La función stringprep_utf8_nfkc_normalize en lib/nfkc.c en libidn en versiones anteriores a 1.33 permite a atacantes dependientes del contexto provocar una denegación de servicio (lectura fuera de límites y caída) a través de datos UTF-8 manipulados. Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mav... • http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=1fbee57ef3c72db2206dd87e4162108b2f425555 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2059 – Ubuntu Security Notice USN-3068-1
https://notcve.org/view.php?id=CVE-2015-2059
12 Aug 2015 — The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read. Vulnerabilidad en la función stringprep_utf8_to_ucs4 en libin en versiones anteriores a 1.31, tal como se utiliza en jabberd2, permite a atacantes dependientes del contexto leer la memoria del sistema y posiblemente tener otro impacto no especificado a... • http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=2e97c279 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •