Vulnerabilities > GNU > Libidn > High

DATE CVE VULNERABILITY TITLE RISK
2016-09-07 CVE-2016-6263 Out-of-bounds Read vulnerability in GNU Libidn
The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.
network
low complexity
gnu CWE-125
7.5
7.5
2016-09-07 CVE-2016-6262 Out-of-bounds Read vulnerability in multiple products
idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.
network
low complexity
gnu canonical opensuse CWE-125
7.5
7.5
2016-09-07 CVE-2016-6261 Out-of-bounds Read vulnerability in multiple products
The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.
network
low complexity
opensuse gnu canonical CWE-125
7.5
7.5
2016-09-07 CVE-2015-8948 Out-of-bounds Read vulnerability in multiple products
idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.
network
low complexity
opensuse canonical gnu CWE-125
7.5
7.5