Out-of-Bounds Read in jabberd2 Affecting libidn Versions Prior to 1.31
CVE-2015-2059

Currently unrated

Key Information:

Vendor
GNU
Status
Vendor
CVE Published:
12 August 2015

Summary

The stringprep_utf8_to_ucs4 function in the libidn library, as used by jabberd2, contains an out-of-bounds read that context-dependent attackers can trigger by supplying malformed UTF-8 strings. The read can leak information from system memory or have other unspecified impacts. Systems running affected versions of jabberd2 are at risk and should be remediated promptly.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
