ID CVE-2007-4770
Summary libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
References
Vulnerable Configurations
  • cpe:2.3:a:icu-project:international_components_for_unicode:1.4:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:1.4:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:1.4.1:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:1.4.1:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:1.4.1.1:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:1.4.1.1:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:1.4.1.2:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:1.4.1.2:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:1.4.2:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:1.4.2:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:1.5:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:1.5:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:1.6:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:1.6:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:1.7:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:1.7:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:1.8:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:1.8:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:1.8.1:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:1.8.1:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:2.0:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:2.0:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:2.0.1:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:2.0.1:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:2.0.2:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:2.0.2:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:2.1:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:2.1:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:2.2:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:2.2:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:2.4:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:2.4:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:2.6:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:2.6:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:2.6.1:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:2.6.1:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:2.6.2:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:2.6.2:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:2.8:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:2.8:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:3.0:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:3.0:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:3.2:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:3.2:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:3.2.1:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:3.2.1:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:3.4:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:3.4:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:3.4.1:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:3.4.1:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:3.6:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:3.6:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:3.8:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:3.8:*:*:*:*:c\/c\+\+:*:*
  • cpe:2.3:a:icu-project:international_components_for_unicode:3.8.1:*:*:*:*:c\/c\+\+:*:*
    cpe:2.3:a:icu-project:international_components_for_unicode:3.8.1:*:*:*:*:c\/c\+\+:*:*
CVSS
Base: 6.8 (as of 15-10-2018 - 21:37)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2013-04-29T04:12:03.133-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
    family unix
    id oval:org.mitre.oval:def:11172
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
    version 18
  • accepted 2008-04-21T04:00:22.668-04:00
    class vulnerability
    contributors
    name Pai Peng
    organization Hewlett-Packard
    definition_extensions
    • comment Solaris 9 (SPARC) is installed
      oval oval:org.mitre.oval:def:1457
    • comment Solaris 10 (SPARC) is installed
      oval oval:org.mitre.oval:def:1440
    • comment Solaris 9 (x86) is installed
      oval oval:org.mitre.oval:def:1683
    • comment Solaris 10 (x86) is installed
      oval oval:org.mitre.oval:def:1926
    description libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
    family unix
    id oval:org.mitre.oval:def:5507
    status accepted
    submitted 2008-03-11T10:54:47.000-04:00
    title Multiple Security Vulnerabilities in ICU 3.2 Library Regular Expression Processing May Cause a Denial of Service (DoS)
    version 35
redhat via4
advisories
rhsa
id RHSA-2008:0090
rpms
  • icu-0:3.6-5.11.1
  • icu-debuginfo-0:3.6-5.11.1
  • libicu-0:3.6-5.11.1
  • libicu-devel-0:3.6-5.11.1
  • libicu-doc-0:3.6-5.11.1
refmap via4
bid 27455
bugtraq 20080206 rPSA-2008-0043-1 icu
confirm
debian DSA-1511
fedora
  • FEDORA-2008-1036
  • FEDORA-2008-1076
gentoo
  • GLSA-200803-20
  • GLSA-200805-16
mandriva MDVSA-2008:026
mlist [icu-support] 20080122 ICU Patch for bugs in Regular Expressions
sectrack 1019269
secunia
  • 28575
  • 28615
  • 28669
  • 28783
  • 29194
  • 29242
  • 29291
  • 29294
  • 29333
  • 29852
  • 29910
  • 29987
  • 30179
sunalert
  • 231641
  • 233922
suse
  • SUSE-SA:2008:023
  • SUSE-SR:2008:005
ubuntu USN-591-1
vupen
  • ADV-2008-0282
  • ADV-2008-0807
  • ADV-2008-1375
xf libicu-restackframes-dos(39938)
Last major update 15-10-2018 - 21:37
Published 29-01-2008 - 00:00
Last modified 15-10-2018 - 21:37
Back to Top