Wind River Support Network

HomeDefectsLIN6-10235

Fixed

LIN6-10235 : Security Advisory - libidn - CVE-2015-2059

Created: Aug 16, 2015 Updated: Dec 3, 2018

Resolved Date: Sep 14, 2015

Found In Version: 6.0.0.23

Fix Version: 6.0.0.25

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2059

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38