UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert() may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in 1.11.8p2, 1.12.5p2, and 1.13.0.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-01-27T00:00:00

Updated: 2024-08-02T22:55:41.717Z

Reserved: 2024-01-27T00:00:00

Link: CVE-2023-52389

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-27T03:15:07.883

Modified: 2024-11-21T08:39:42.947

Link: CVE-2023-52389

cve-icon Redhat

No data.