Arbitrary Code Execution via Stack-based Buffer Overflow in ICU's _canonicalize Function

Arbitrary Code Execution via Stack-based Buffer Overflow in ICU's _canonicalize Function

CVE-2011-4599 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.

Learn more about our Web Application Penetration Testing UK.