Oval Definition:	oval:com.ubuntu.artful:def:20149911000
Revision Date: 2017-01-04 Version: 1 Title: CVE-2014-9911 on Ubuntu 17.10 (artful) - medium. Description: Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-9911 Platform(s): Ubuntu 17.10 Product(s): Definition Synopsis Ubuntu 17.10 (artful) is installed. AND Package Information NOT While related to the CVE in some way, the 'chromium-browser' package in artful is not affected. OR NOT While related to the CVE in some way, the 'firefox' package in artful is not affected (note: '50.1.0+build2-0ubuntu1'). OR NOT While related to the CVE in some way, the 'icu' package in artful is not affected. OR The 'mozjs24' package in artful is affected and needs fixing. OR NOT While related to the CVE in some way, the 'oxide-qt' package in artful is not affected (note: '1.17.9-0ubuntu1'). OR The vulnerability of the 'r-cran-stringi' package in artful is not known (status: 'needs-triage'). It is pending evaluation. OR NOT While related to the CVE in some way, the 'thunderbird' package in artful is not affected (note: '1:45.3.0+build1-0ubuntu4').
BACK