CVE-2017-7868 — Out-of-bounds Write in International Components FOR Unicode
Severity
7.5HIGHNVD
EPSS
2.1%
top 15.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 14
Latest updateMay 14
Description
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6
Affected Packages1 packages
Also affects: Debian Linux 8.0
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-837c-68qm-mvch: International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to th↗2022-05-14
CVEList▶
CVE-2017-7868: International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to th↗2017-04-14
OSV▶
CVE-2017-7868: International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to th↗2017-04-14