CVE-2015-2059

Related Files

Ubuntu Security Notice USN-3068-1

Posted Aug 24, 2016

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3068-1 - Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Libidn incorrectly handled invalid UTF-8 characters. A remote attacker could use this issue to cause Libidn to crash, resulting in a denial of service, or possibly disclose sensitive memory. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Hanno Boeck discovered that Libidn incorrectly handled certain input. A remote attacker could possibly use this issue to cause Libidn to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2015-2059, CVE-2015-8948, CVE-2016-6261, CVE-2016-6262, CVE-2016-6263

SHA-256 | 8fc65e056c00aacb74043701fa23c5a3940d45a27528289ab166ee40c36e2a52

Download | Favorite | View

Debian Security Advisory 3578-1

Posted May 16, 2016

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3578-1 - It was discovered that libidn, the GNU library for Internationalized Domain Names (IDNs), did not correctly handle invalid UTF-8 input, causing an out-of-bounds read. This could allow attackers to disclose sensitive information from an application using the libidn library.

tags | advisory

systems | linux, debian

advisories | CVE-2015-2059

SHA-256 | 0f6df94ca20bee4e1e8ac06f0e309a5d702366a562dcfdf9f35c4080410948d4

Download | Favorite | View