CVE-2016-7415

Priority
Medium
Description
Stack-based buffer overflow in the Locale class in common/locid.cpp in
International Components for Unicode (ICU) through 57.1 for C/C++ allows
remote attackers to cause a denial of service (application crash) or
possibly have unspecified other impact via a long locale string.
References
Package
Source: icu (LP Ubuntu Debian)
Upstream:released (57.1-5)
Ubuntu 17.10 (Artful Aardvark):not-affected (57.1-5)
Ubuntu 12.04 ESM (Precise Pangolin):released (4.8.1.1-3ubuntu0.7)
Ubuntu 14.04 LTS (Trusty Tahr):released (52.1-3ubuntu0.5)
Ubuntu Touch 15.04:needed
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (55.1-7ubuntu0.1)
Ubuntu 16.10 (Yakkety Yak):released (57.1-4ubuntu0.1)
Ubuntu 17.04 (Zesty Zapus):not-affected (57.1-5)
More Information

Updated: 2017-05-10 22:27:48 UTC (commit 12521)