QwikSec

Security Database

CVE

CWE

Training

CVE-2017-15396

Published: Aug 28, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Vendor	Product	Versions
n/a	Google Chrome prior to 62.0.3202.75 unknown	affected `Google Chrome prior to 62.0.3202.75 unknown`

References

http://bugs.icu-project.org/trac/changeset/40494

x_refsource_MISC

vendor-advisory

x_refsource_REDHAT

https://crbug.com/770452

x_refsource_MISC

vendor-advisory

x_refsource_DEBIAN

vdb-entry

x_refsource_BID

https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop_26.html

x_refsource_MISC

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.