AVG-504

Package icu
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 59.1-1
Fixed 60.1-1
Current 63.1-2 [core]
Ticket None
Created Sun Nov 19 14:43:09 2017
Issue Severity Remote Type Description
CVE-2017-14952 Critical Yes Arbitrary code execution
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via...
Date Advisory Package Description
19 Nov 2017 ASA-201711-25 icu arbitrary code execution
References
http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp
http://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/