CVE-2017-7868

Published: 14 April 2017

International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
icu
Launchpad, Ubuntu, Debian
Upstream
Released (57.1-6)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (55.1-7ubuntu0.2)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (52.1-3ubuntu0.6)