Novell Home

CVE-2009-0153

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

CVE-2009-0153 at MITRE

Details

International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.
Novell Bugzilla entry: 508070,539839

SUSE Security Advisories:

Product(s) Fixed package version(s) References
openSUSE 10.3
  • icu >= 3.6-13.4
  • icu-data >= 3.6-13.4
  • libicu >= 3.6-13.4
  • libicu-32bit >= 3.6-13.4
  • libicu-64bit >= 3.6-13.4
  • libicu-devel >= 3.6-13.4
  • libicu-devel-32bit >= 3.6-13.4
  • libicu-devel-64bit >= 3.6-13.4
  • libicu-doc >= 3.6-13.4
 ZYPP Patch Nr: 6322
SAT Patch Nr: 1028
openSUSE 11.0
  • icu-debuginfo >= 3.8.1-21.2
  • icu-debugsource >= 3.8.1-21.2
 ZYPP Patch Nr: 6322
SAT Patch Nr: 1028
openSUSE 11.0
  • icu >= 3.8.1-21.2
  • icu-data >= 3.8.1-21.2
  • libicu >= 3.8.1-21.2
  • libicu-32bit >= 3.8.1-21.2
  • libicu-64bit >= 3.8.1-21.2
  • libicu-devel >= 3.8.1-21.2
  • libicu-devel-32bit >= 3.8.1-21.2
  • libicu-devel-64bit >= 3.8.1-21.2
  • libicu-doc >= 3.8.1-21.2
 ZYPP Patch Nr: 6322
SAT Patch Nr: 1028
openSUSE 11.1
  • icu-debuginfo >= 4.0-7.2.1
  • icu-debugsource >= 4.0-7.2.1
 ZYPP Patch Nr: 6322
SAT Patch Nr: 1028
openSUSE 11.1
  • icu >= 4.0-7.2.1
  • icu-data >= 4.0-7.2.1
  • libicu >= 4.0-7.2.1
  • libicu-32bit >= 4.0-7.2.1
  • libicu-64bit >= 4.0-7.2.1
  • libicu-devel >= 4.0-7.2.1
  • libicu-devel-32bit >= 4.0-7.2.1
  • libicu-devel-64bit >= 4.0-7.2.1
  • libicu-doc >= 4.0-7.2.1
 ZYPP Patch Nr: 6322
SAT Patch Nr: 1028
SLES 11 DEBUGINFO
  • icu-debuginfo >= 4.0-7.22.1
  • icu-debugsource >= 4.0-7.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
SAT Patch Nr: 1029
SLE 11
  • icu >= 4.0-7.22.1
  • libicu-devel >= 4.0-7.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
SAT Patch Nr: 1029
SLE 11
  • icu >= 4.0-7.22.1
  • libicu-32bit >= 4.0-7.22.1
  • libicu-devel >= 4.0-7.22.1
  • libicu-devel-32bit >= 4.0-7.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
SAT Patch Nr: 1029
SLED 11
  • icu >= 4.0-7.22.1
  • libicu >= 4.0-7.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
SAT Patch Nr: 1029
SLES 11
  • libicu >= 4.0-7.22.1
  • libicu-doc >= 4.0-7.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
SAT Patch Nr: 1029
SLES 11
  • libicu >= 4.0-7.22.1
  • libicu-32bit >= 4.0-7.22.1
  • libicu-doc >= 4.0-7.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
SAT Patch Nr: 1029
SUSE Linux Enterprise Desktop 10 SP2 for x86
  • icu >= 3.4-16.10
  • libicu >= 3.4-16.10
 sles10-sp2. x86-64
sles10-sp2. ia64
sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2. s390x
sled10-sp2. x86
sles10-sp2-sdk. ia64
sles10-sp2-sdk. x86
sles10-sp2. ppc
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ppc
sles10-sp2. x86
ZYPP Patch Nr: 6422
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T
  • icu >= 3.4-16.10
  • libicu >= 3.4-16.10
  • libicu-32bit >= 3.4-16.10
 sles10-sp2. x86-64
sles10-sp2. ia64
sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2. s390x
sled10-sp2. x86
sles10-sp2-sdk. ia64
sles10-sp2-sdk. x86
sles10-sp2. ppc
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ppc
sles10-sp2. x86
ZYPP Patch Nr: 6422
SLE SDK 10 SP2 for IPF
SLE SDK 10 SP2 for x86
  • icu >= 3.4-16.10
  • icu-data >= 3.4-16.10
  • libicu-devel >= 3.4-16.10
  • libicu-doc >= 3.4-16.10
 sles10-sp2. x86-64
sles10-sp2. ia64
sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2. s390x
sled10-sp2. x86
sles10-sp2-sdk. ia64
sles10-sp2-sdk. x86
sles10-sp2. ppc
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ppc
sles10-sp2. x86
ZYPP Patch Nr: 6422
SLE SDK 10 SP2 for IBM iSeries and IBM pSeries
  • icu >= 3.4-16.10
  • icu-data >= 3.4-16.10
  • libicu-devel >= 3.4-16.10
  • libicu-devel-64bit >= 3.4-16.10
  • libicu-doc >= 3.4-16.10
 sles10-sp2. x86-64
sles10-sp2. ia64
sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2. s390x
sled10-sp2. x86
sles10-sp2-sdk. ia64
sles10-sp2-sdk. x86
sles10-sp2. ppc
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ppc
sles10-sp2. x86
ZYPP Patch Nr: 6422
SLE SDK 10 SP2 for IBM zSeries
SLE SDK 10 SP2 for X86-64
  • icu >= 3.4-16.10
  • icu-data >= 3.4-16.10
  • libicu-devel >= 3.4-16.10
  • libicu-devel-32bit >= 3.4-16.10
  • libicu-doc >= 3.4-16.10
 sles10-sp2. x86-64
sles10-sp2. ia64
sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2. s390x
sled10-sp2. x86
sles10-sp2-sdk. ia64
sles10-sp2-sdk. x86
sles10-sp2. ppc
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ppc
sles10-sp2. x86
ZYPP Patch Nr: 6422
SUSE Linux Enterprise Server 10 SP2 for x86
  • libicu >= 3.4-16.10
  • libicu-devel >= 3.4-16.10
  • libicu-doc >= 3.4-16.10
 sles10-sp2. x86-64
sles10-sp2. ia64
sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2. s390x
sled10-sp2. x86
sles10-sp2-sdk. ia64
sles10-sp2-sdk. x86
sles10-sp2. ppc
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ppc
sles10-sp2. x86
ZYPP Patch Nr: 6422
SUSE Linux Enterprise Server 10 SP2 for IPF
  • libicu >= 3.4-16.10
  • libicu-devel >= 3.4-16.10
  • libicu-doc >= 3.4-16.10
  • libicu-x86 >= 3.4-16.10
 sles10-sp2. x86-64
sles10-sp2. ia64
sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2. s390x
sled10-sp2. x86
sles10-sp2-sdk. ia64
sles10-sp2-sdk. x86
sles10-sp2. ppc
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ppc
sles10-sp2. x86
ZYPP Patch Nr: 6422
SUSE Linux Enterprise Server 10 SP2 for IBM POWER
  • libicu >= 3.4-16.10
  • libicu-64bit >= 3.4-16.10
  • libicu-devel >= 3.4-16.10
  • libicu-devel-64bit >= 3.4-16.10
  • libicu-doc >= 3.4-16.10
 sles10-sp2. x86-64
sles10-sp2. ia64
sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2. s390x
sled10-sp2. x86
sles10-sp2-sdk. ia64
sles10-sp2-sdk. x86
sles10-sp2. ppc
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ppc
sles10-sp2. x86
ZYPP Patch Nr: 6422
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit
  • libicu >= 3.4-16.10
  • libicu-32bit >= 3.4-16.10
  • libicu-devel >= 3.4-16.10
  • libicu-devel-32bit >= 3.4-16.10
  • libicu-doc >= 3.4-16.10
 sles10-sp2. x86-64
sles10-sp2. ia64
sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2. s390x
sled10-sp2. x86
sles10-sp2-sdk. ia64
sles10-sp2-sdk. x86
sles10-sp2. ppc
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ppc
sles10-sp2. x86
ZYPP Patch Nr: 6422

Novell® Making IT Work As One

© 2009 Novell, Inc. All Rights Reserved.