{"id":"USN-2740-1","summary":"icu vulnerabilities","details":"Atte Kettunen discovered that ICU incorrectly handled certain converter\nnames. If an application using ICU processed crafted data, a remote\nattacker could possibly cause it to crash. (CVE-2015-1270)\n\nIt was discovered that ICU incorrectly handled certain memory operations\nwhen processing data. If an application using ICU processed crafted data,\na remote attacker could possibly cause it to crash or potentially execute\narbitrary code with the privileges of the user invoking the program.\n(CVE-2015-2632, CVE-2015-4760)\n","modified":"2026-02-10T04:40:55Z","published":"2015-09-16T17:03:36Z","related":["UBUNTU-CVE-2015-1270","UBUNTU-CVE-2015-2632","UBUNTU-CVE-2015-4760"],"upstream":["CVE-2015-1270","CVE-2015-2632","CVE-2015-4760","UBUNTU-CVE-2015-1270","UBUNTU-CVE-2015-2632","UBUNTU-CVE-2015-4760"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2740-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1270"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-2632"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-4760"}],"affected":[{"package":{"name":"icu","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/icu@52.1-3ubuntu0.4?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"52.1-3ubuntu0.4"}]}],"versions":["4.8.1.1-12ubuntu2","4.8.1.1-13+nmu1","4.8.1.1-13+nmu1ubuntu1","52.1-3","52.1-3ubuntu0.2","52.1-3ubuntu0.3"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"52.1-3ubuntu0.4","binary_name":"icu-devtools"},{"binary_version":"52.1-3ubuntu0.4","binary_name":"libicu-dev"},{"binary_version":"52.1-3ubuntu0.4","binary_name":"libicu52"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2740-1.json","cves_map":{"cves":[{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2015-1270"},{"severity":[{"score":"low","type":"Ubuntu"}],"id":"CVE-2015-2632"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2015-4760"}],"ecosystem":"Ubuntu:14.04:LTS"}}}],"schema_version":"1.7.3"}