The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of GNU libidn2: buffer overflow via idn2_to_ascii_4i

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via idn2_to_ascii_4i() of GNU libidn2, in order to trigger a denial of service, and possibly to run code.
Severity of this weakness: 3/4.
Creation date: 29/10/2019.
Références of this bulletin: CVE-2019-18224, openSUSE-SU-2019:2611-1, openSUSE-SU-2019:2613-1, SUSE-SU-2019:3086-1, USN-4168-1, VIGILANCE-VUL-30738.

Description of the vulnerability

An attacker can trigger a buffer overflow via idn2_to_ascii_4i() of GNU libidn2,...
Full Vigil@nce bulletin... (Request your free trial)

This security announce impacts software or systems such as openSUSE Leap, Solaris, SLES, Ubuntu.

Our Vigil@nce team determined that the severity of this threat is important.

The trust level is of type confirmed by the editor, with an origin of internet client.

An attacker with a expert ability can exploit this computer vulnerability announce.

Solutions for this threat

Patches for this vulnerability are not yet public.
Full Vigil@nce bulletin... (Request your free trial)

Computer vulnerabilities tracking service

Vigil@nce provides cybersecurity alerts. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.