Out-of-Bounds Read in jabberd2 Affecting libidn Versions Prior to 1.31
CVE-2015-2059
Currently unrated
Summary
A vulnerability exists in the stringprep_utf8_to_ucs4 function of the libidn library, as used by jabberd2. A context-dependent attacker who supplies a string containing malformed UTF-8 can trigger an out-of-bounds read, which may leak the contents of system memory or have other unspecified impact. Systems running jabberd2 with a libidn version prior to 1.31 are at risk and should be remediated promptly.