Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4770

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-4770
Last Modified 07 Mar 2011 09:59:09
Published 28 Jan 2008 07:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4770

Summary

libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.

Vulnerable Systems

Application

  • Icu Project International Components For Unicode 3.8.1


References

BID - 27455

MLIST - [icu-support] 20080122 ICU Patch for bugs in Regular Expressions

SECUNIA - 28575

FEDORA - FEDORA-2008-1076

FEDORA - FEDORA-2008-1036

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=429023

XF - libicu-restackframes-dos(39938)

VUPEN - ADV-2008-1375

VUPEN - ADV-2008-0807

VUPEN - ADV-2008-0282

MANDRIVA - MDVSA-2008:026

SECTRACK - 1019269

GENTOO - GLSA-200805-16

SECUNIA - 30179

SECUNIA - 28669

SECUNIA - 28615

REDHAT - RHSA-2008:0090

CONFIRM - https://issues.rpath.com/browse/RPL-2199

UBUNTU - USN-591-1

BUGTRAQ - 20080206 rPSA-2008-0043-1 icu

CONFIRM - http://www.openoffice.org/security/cves/CVE-2007-5745.html

CONFIRM - http://www.openoffice.org/security/cves/CVE-2007-4770.html

SUSE - SUSE-SA:2008:023

DEBIAN - DSA-1511

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043

SUNALERT - 233922

SUNALERT - 231641

GENTOO - GLSA-200803-20

SECUNIA - 29987

SECUNIA - 29910

SECUNIA - 29852

SECUNIA - 29333

SECUNIA - 29294

SECUNIA - 29291

SECUNIA - 29242

SECUNIA - 29194

SECUNIA - 28783

SUSE - SUSE-SR:2008:005

Related Patches

Novell SUSE 2008:5014 icu security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:45:58