Уязвимость CVE-2007-4771: Информация
Описание
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.
Важность: CRITICAL (9,3)
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
---|---|
[icu-support] 20080122 ICU Patch for bugs in Regular Expressions |
|
https://bugzilla.redhat.com/show_bug.cgi?id=429025 |
|
MDVSA-2008:026 |
|
RHSA-2008:0090 |
|
27455 |
|
1019269 |
|
28575 |
|
28615 |
|
FEDORA-2008-1036 |
|
FEDORA-2008-1076 |
|
28669 |
|
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043 |
|
https://issues.rpath.com/browse/RPL-2199 |
|
28783 |
|
DSA-1511 |
|
SUSE-SR:2008:005 |
|
29194 |
|
29242 |
|
233922 |
|
29291 |
|
GLSA-200803-20 |
|
29333 |
|
USN-591-1 |
|
29294 |
|
http://www.openoffice.org/security/cves/CVE-2007-4770.html |
|
http://www.openoffice.org/security/cves/CVE-2007-5745.html |
|
231641 |
|
SUSE-SA:2008:023 |
|
29852 |
|
29910 |
|
29987 |
|
GLSA-200805-16 |
|
30179 |
|
ADV-2008-0807 |
|
ADV-2008-1375 |
|
ADV-2008-0282 |
|
libicu-dointerval-bo(39936) |
|
oval:org.mitre.oval:def:5431 |
|
oval:org.mitre.oval:def:10507 |
|
20080206 rPSA-2008-0043-1 icu |