CVE-2015-1270

描述

The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file.

受影響套件(2)

• Debian/icufrom 0, < 55.1-5
• Debian/icufrom 0, < 52.1-8+deb8u3

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1270