漏洞类别:Ubuntu
漏洞等级: 
漏洞信息
It was discovered that Libidn incorrectly handled invalid UTF-8 characters.
It was discovered that Libidn incorrectly handled certain input.
漏洞危害
A remote attacker could use this issue to cause Libidn to crash, resulting in a denial of service, or possibly disclose sensitive memory. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-2059)
A remote attacker could possibly use this issue to cause Libidn to crash, resulting in a denial of service. (CVE-2015-8948, CVE-2016-6262, CVE-2016-6261, CVE-2016-6263)
解决方案
Refer to Ubuntu advisory USN-3068-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3068-1: 12.04 (Precise) on src (libidn11)
0day
文章评论