CVE-2011-4599
published 2012-06-21
CVE-2011-4599: Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to…
Priority P3 · 49 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
8.00%
94.0th percentile
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | icu | < icu 4.8.1.1-3 (bookworm) | icu 4.8.1.1-3 (bookworm) |
| icu-project | international_components_for_unicode | < 49.1 | 49.1 |
CVSS provenance
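| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd | 7.5 (v2.0) | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | 7.5 | HIGH | |
| vendor_debian | 7.5 | HIGH | |
| vendor_redhat | 7.5 | HIGH | |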
Ubuntu
ICU vulnerability
vendor_ubuntu·2012-01-26
Title: ICU vulnerability
Summary: ICU could be made to crash or run programs as your login if it
opened specially crafted data.
It was discovered that ICU did not properly handle invalid locale data
during Unicode conversion. If an application using ICU processed crafted
data, an attacker could cause it to crash or potentially execute arbitrary
code with the privileges of the user invoking the program.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
icu: Stack-based buffer overflow by canonicalizing the given localeID
vendor_redhat·2011-12-07·CVSS 7.5
CVE-2011-4599 [HIGH] CWE-121 icu: Stack-based buffer overflow by canonicalizing the given localeID
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.
Debian
CVE-2011-4599: icu - Stack-based buffer overflow in the _canonicalize function in common/uloc.c in In...
vendor_debian·2011·CVSS 7.5
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.
Scope: local
bookworm: resolved (fixed in 4.8.1.1-3)
bullseye: resolved (fixed in 4.8.1.1-3)
forky: resolved (fixed in 4.8.1.1-3)
sid: resolved (fixed in 4.8.1.1-3)
trixie: resolved (fixed in 4.8.1.1-3)
GHSA
GHSA-95hv-27rj-qc2p: Stack-based buffer overflow in the _canonicalize function in common/uloc
ghsa_unreviewed·2022-05-14
CVE-2011-4599 [HIGH] CWE-119 GHSA-95hv-27rj-qc2p: Stack-based buffer overflow in the _canonicalize function in common/uloc
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.
OSV
CVE-2011-4599: Stack-based buffer overflow in the _canonicalize function in common/uloc
osv·2012-06-21·CVSS 7.5
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-4599 icu: Stack-based buffer overflow by canonicalizing the given localeID [fedora-all]
bugzilla·2011-12-12·CVSS 7.5
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/update
Bugzilla
CVE-2011-4599 icu: Stack-based buffer overflow by canonicalizing the given localeID
bugzilla·2011-12-09·CVSS 7.5
A stack-based buffer overflow flaw was found in the way ICU, the tools and utilities for developing with International Components for Unicode, performed variant canonicalization for the given locale identifier. A remote attacker could provide a specially-crafted locale representation, which once opened by an unsuspecting, local user in an application, linked against ICU library, could lead to crash of that application or possibly execute arbitrary code with the permissions of the user running the application.
References:
[1] http://bugs.icu-project.org/trac/ticket/8984
(upstream ticket)
[2] http://crbug.com/106441
(Google Chrome bug, not public)
[3] http://codereview.chromium.org/8822005/
(Google Chrome c
http://bugs.icu-project.org/trac/ticket/8984
http://code.google.com/p/chromium/issues/detail?id=106441
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00035.html
http://rhn.redhat.com/errata/RHSA-2011-1815.html
http://secunia.com/advisories/47146
http://secunia.com/advisories/47227
http://secunia.com/advisories/47674
http://secunia.com/advisories/47714
http://secunia.com/advisories/47775
http://support.apple.com/kb/HT5501
http://support.apple.com/kb/HT5503
http://ubuntu.com/usn/usn-1348-1
http://www.debian.org/security/2012/dsa-2397
http://www.mandriva.com/security/advisories?name=MDVSA-2011:194
http://www.openwall.com/lists/oss-security/2011/12/09/2
http://www.openwall.com/lists/oss-security/2011/12/09/5
http://www.osvdb.org/77698
http://www.securityfocus.com/bid/51006
https://exchange.xforce.ibmcloud.com/vulnerabilities/71726