Ubuntu USN-747-1 (icu) Network Vulnerability

Summary

The remote host is missing an update to icu announced via advisory USN-747-1.

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libicu34 3.4.1a-1ubuntu1.6.06.2 Ubuntu 7.10: libicu36 3.6-3ubuntu0.2 Ubuntu 8.04 LTS: libicu38 3.8-6ubuntu0.1 Ubuntu 8.10: libicu38 3.8.1-2ubuntu0.1 After a standard system upgrade you need to restart applications linked against libicu, such as OpenOffice.org, to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-747-1

Insight

It was discovered that libicu did not correctly handle certain invalid encoded data. If a user or automated system were tricked into processing specially crafted data with applications linked against libicu, certain content filters could be bypassed.

Severity

Classification

CVE	CVE-2006-2426, CVE-2008-1036, CVE-2008-4316, CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Take action and discover your vulnerabilities