Уязвимость CVE-2007-4771: Информация
Описание
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.
Важность: CRITICAL (9,3)
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
|---|---|
| [icu-support] 20080122 ICU Patch for bugs in Regular Expressions |
|
| https://bugzilla.redhat.com/show_bug.cgi?id=429025 |
|
| MDVSA-2008:026 |
|
| RHSA-2008:0090 |
|
| 27455 |
|
| 1019269 |
|
| 28575 |
|
| 28615 |
|
| FEDORA-2008-1036 |
|
| FEDORA-2008-1076 |
|
| 28669 |
|
| http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043 |
|
| https://issues.rpath.com/browse/RPL-2199 |
|
| 28783 |
|
| DSA-1511 |
|
| SUSE-SR:2008:005 |
|
| 29194 |
|
| 29242 |
|
| 233922 |
|
| 29291 |
|
| GLSA-200803-20 |
|
| 29333 |
|
| USN-591-1 |
|
| 29294 |
|
| http://www.openoffice.org/security/cves/CVE-2007-4770.html |
|
| http://www.openoffice.org/security/cves/CVE-2007-5745.html |
|
| 231641 |
|
| SUSE-SA:2008:023 |
|
| 29852 |
|
| 29910 |
|
| 29987 |
|
| GLSA-200805-16 |
|
| 30179 |
|
| ADV-2008-0807 |
|
| ADV-2008-1375 |
|
| ADV-2008-0282 |
|
| libicu-dointerval-bo(39936) |
|
| oval:org.mitre.oval:def:5431 |
|
| oval:org.mitre.oval:def:10507 |
|
| 20080206 rPSA-2008-0043-1 icu |