CVE Vulnerabilities

CVE-2007-4771

Published: Jan 29, 2008 | Modified: Oct 15, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
LOW

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.

Affected Software

Name Vendor Start Version End Version
International_components_for_unicode Icu-project * 3.8.1 (including)
Red Hat Enterprise Linux 5 RedHat icu-0:3.6-5.11.1 *
Icu Ubuntu dapper *
Icu Ubuntu edgy *
Icu Ubuntu feisty *
Icu Ubuntu gutsy *
Icu Ubuntu upstream *

References