UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert() may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in 1.11.8p2, 1.12.5p2, and 1.13.0.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-01-27T00:00:00
Updated: 2024-08-02T22:55:41.717Z
Reserved: 2024-01-27T00:00:00
Link: CVE-2023-52389
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-27T03:15:07.883
Modified: 2024-11-21T08:39:42.947
Link: CVE-2023-52389
Redhat
No data.