CVE Vulnerabilities

CVE-2007-4770

Published: Jan 29, 2008 | Modified: Oct 15, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka 0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.

Affected Software

Name Vendor Start Version End Version
International_components_for_unicode Icu-project * 3.8.1 (including)
Red Hat Enterprise Linux 5 RedHat icu-0:3.6-5.11.1 *
Icu Ubuntu dapper *
Icu Ubuntu edgy *
Icu Ubuntu feisty *
Icu Ubuntu gutsy *
Icu Ubuntu upstream *

References