CVE-2014-8146 (retired)

Priority
Description
The resolveImplicitLevels function in common/ubidi.c in the Unicode
Bidirectional Algorithm implementation in ICU4C in International Components
for Unicode (ICU) before 55.1 does not properly track directionally
isolated pieces of text, which allows remote attackers to cause a denial of
service (heap-based buffer overflow) or possibly execute arbitrary code via
crafted text.
Assigned-to
mdeslaur
Notes
Package
Source: icu (LP Ubuntu Debian)
Upstream:released (55.1)
Patches:
Upstream:http://bugs.icu-project.org/trac/changeset/37162
More Information

Updated: 2019-10-09 07:51:14 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)