CVE Database


Impact: Moderate
Public: 2008-05-28
Bugzilla: 464168: CVE-2008-1036 ICU: Invalid character sequences omission during conversion of some character encodings (XSS attack possible)


The MITRE CVE dictionary describes this issue as:

The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.

Find out more about CVE-2008-1036 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 5 (icu) RHSA-2009:0296 March 12, 2009

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.