Denial of Service Vulnerability in libidn's stringprep_utf8_nfkc_normalize Function

Denial of Service Vulnerability in libidn's stringprep_utf8_nfkc_normalize Function

CVE-2016-6263 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.

Learn more about our Web Application Penetration Testing UK.