CVE-2008-1036 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-1036
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-1036

Description: The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/42717 UBUNTU http://www.ubuntu.com/usn/USN-747-1 ST 1020139 SAID Secunia Advisory: SA30430 Secunia Advisory: SA34777 Secunia Advisory: SA34290 REDHAT http://www.redhat.com/support/errata/RHSA-2009-0296.html MISC http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0064 DEBIAN http://www.debian.org/security/2009/dsa-1762 CERT http://www.us-cert.gov/cas/techalerts/TA08-150A.html BID 29488 29412 APPLE http://lists.apple.com/archives/security-announce/2008//May/msg00001.html

Return to the previous page.