CVE-2008-1036

EPSS 2.6%

icu - cross site scripting

Published: 6/2/2008Modified: 4/28/2026

Description

The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.

Affected packages (2)

Debian/icufrom 0, < 4.0.1-1
Debian/icufrom 0, < 3.6-2etch2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-1036