Ubuntu 8.04 LTS / 8.10 / 9.04 : icu vulnerability (USN-846-1)

Ubuntu Security Notice (C) 2009-2013 Canonical, Inc. / NASL script (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related patches.

Description :

It was discovered that ICU did not properly handle invalid byte
sequences during Unicode conversion. If an application using ICU
processed crafted data, content security mechanisms could be bypassed,
potentially leading to cross-site scripting (XSS) attacks.

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 42081 ()

Bugtraq ID:

CVE ID: CVE-2009-0153