#VU13053 Out-of-bounds read in icu - CVE-2016-6293

Cybersecurity Help s.r.o.

Published: 2018-05-30

Vulnerability identifier: #VU13053

Vulnerability risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-6293

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
icu
Universal components / Libraries / Libraries used by multiple products

Vendor: ICU - International Components for Unicode

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to the uloc_acceptLanguageFromHTTP function in common/uloc.cpp for C/C++ does not ensure that there is a '' character at the end of a certain temporary array. A remote unauthenticated attacker can supply a call with a long httpAcceptLanguage argument, trigger out-of-bounds read and cause the service to crash.

Mitigation
Update to version 57.1.

Vulnerable software versions

icu: 49.1 - 56.1

External links
https://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

OpenSUSE Linux update for icu

Out-of-bounds read in phpmyadmin (Alpine package)