URL:
http://savannah.gnu.org/bugs/?45236
Summary: Memory disclosure in wget using incomplete UTF-8
sequences
Project: GNU Wget
Submitted by: None
Submitted on: Tue 02 Jun 2015 08:36:26 AM UTC
Category: Protocol Issue
On 06/02/2015 10:36 AM, anonymous wrote:
Hello,
We discovered a vulnerability in the parsing and processing of international
domain names performed by the GNU IDN library in wget.
It affects systems using the UTF-8 locales and allows to read bytes outside
allocated buffers, using incomplete