CVE-2016-6263
- EPSS 3.64%
- Published 07.09.2016 20:59:06
- Last modified 12.04.2025 10:46:40
The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.
CVE-2016-6262
- EPSS 6.27%
- Published 07.09.2016 20:59:05
- Last modified 12.04.2025 10:46:40
idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.
CVE-2016-6261
- EPSS 4.3%
- Published 07.09.2016 20:59:04
- Last modified 12.04.2025 10:46:40
The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.
CVE-2015-8948
- EPSS 7.11%
- Published 07.09.2016 20:59:00
- Last modified 12.04.2025 10:46:40
idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.
CVE-2015-2059
- EPSS 0.83%
- Published 12.08.2015 14:59:09
- Last modified 12.04.2025 10:46:40
The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bou...