CVE-2017-7868: Buffer Overflow

Q: What is the severity of CVE-2017-7868?

CVE-2017-7868 has been assigned a CVSS score indicating a high severity vulnerability.

Q: How do I fix CVE-2017-7868?

To address CVE-2017-7868, update the ICU library to version 58.3 or higher.

Q: What are the consequences of exploiting CVE-2017-7868?

Exploiting CVE-2017-7868 may lead to an out-of-bounds write, potentially allowing an attacker to execute arbitrary code.

Q: Which software is affected by CVE-2017-7868?

CVE-2017-7868 affects International Components for Unicode (ICU) versions before 58.3 and Debian Linux 8.0.

Q: What is the nature of the vulnerability in CVE-2017-7868?

CVE-2017-7868 is characterized as a heap-based buffer overflow caused by an out-of-bounds write in specific ICU functions.

Published Apr 14, 2017

Updated

International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utextmoveIndex32 function.

Affected Software

2 affected components

icu-project International Components For Unicode C\/c\+\+<=58.2

Debian Debian Linux=8.0

Remediation

Patch Available

http://bugs.icu-project.org/trac/changeset/39671

Event History

Apr 14, 2017

CVE Published

via MITRE·04:30 AM

Data Sourced

via MITRE·04:30 AM

Description

Frequently Asked Questions

What is the severity of CVE-2017-7868?

CVE-2017-7868 has been assigned a CVSS score indicating a high severity vulnerability.

How do I fix CVE-2017-7868?

To address CVE-2017-7868, update the ICU library to version 58.3 or higher.

What are the consequences of exploiting CVE-2017-7868?