Double Free
CVE-2017-14952
Summary
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ prior to 58.3 and 59.2 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-415 - Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Advisory Timeline
- Published