Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
jabberd2 libidn 缓冲区溢出漏洞
Vulnerability Description
jabberd2是一款基于XMMP(一种以XML为基础的开放式实时通信协议)的即时聊天服务器。GNU Libidn是一个通过IETF国际域名(IDN)实施字符串预处理、Punycode和IDNA规格定义的包。 jabberd2中使用的libidn 1.30及之前版本的‘stringprep_utf8_to_ucs4’函数中存在安全漏洞。攻击者可借助字符串中无效的UTF-8字符利用该漏洞读取系统内存。
CVSS Information
N/A
Vulnerability Type
N/A