← Back

CVE-2015-1270

nvd nist
Published: Jul 23, 2015Modified: May 6, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file.

Affected (9)

Show all products
Google: Chrome · Redhat: Enterprise Linux Desktop Supplementary, Enterprise Linux Server Supplementary, Enterprise Linux Server Supplementary Eus, Enterprise Linux Workstation Supplementary · Opensuse: Opensuse · Debian: Debian Linux · Oracle: Solaris
Google
1 product
Chrome
Redhat
4 products
Enterprise Linux Desktop Supplementary
Enterprise Linux Server Supplementary
Enterprise Linux Server Supplementary Eus
Enterprise Linux Workstation Supplementary
Opensuse
1 product
Opensuse
Debian
1 product
Debian Linux
Oracle
1 product
Solaris
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Chrome
Up to 43.0.2357.134
Configuration B
4 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux Desktop Supplementary
Version 6.0
Enterprise Linux Server Supplementary
Version 6.0
Enterprise Linux Server Supplementary Eus
Version 6.7z
Enterprise Linux Workstation Supplementary
Version 6.0
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Opensuse
Version 13.1
Opensuse
Version 13.2
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 8.0
Configuration E
1 vulnerable
Vulnerable SoftwareAffected Versions
Solaris
Version 11.3

Related CWEs

CWE-19
CWE-19

References (26)

Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: chrome-cve-admin@google.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.