CVE-2008-1036
Published: 02 June 2008
The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.
Priority
Status
Package | Release | Status |
---|---|---|
icu Launchpad, Ubuntu, Debian |
Upstream |
Needed
|
Patches: Vendor: http://launchpadlibrarian.net/23783267/icu.icu6175.emptysegments.patch Vendor: https://bugzilla.redhat.com/attachment.cgi?id=321139 Upstream: http://bugs.icu-project.org/trac/search?q=%22ticket:6175:%22&noquickjump=1&changeset=on |