Ubuntu Update For Icu USN-1989-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that ICU contained a race condition affecting multi- threaded applications. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2013-0900) It was discovered that ICU incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2013-2924)

Affected

icu on Ubuntu 13.04 , Ubuntu 12.10 , Ubuntu 12.04 LTS

Severity

Classification

CVE CVE-2013-0900, CVE-2013-2924
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for dbus-glib USN-1753-1
Ubuntu Update for clamav USN-2488-2
Ubuntu Update for bind9 USN-1783-1
Ubuntu Update for bind9 USN-1462-1
Ubuntu Update for cupsys vulnerabilities USN-656-1

Ubuntu Update for icu USN-1989-1

Take action and discover your vulnerabilities