CVE

CVE-2007-4770
Date: (C)2008-01-28   (M)2023-12-22


libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka ), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1019269
http://www.securityfocus.com/archive/1/487677/100/0/threaded
SUNALERT-231641
SUNALERT-233922
BID-27455
SECUNIA-28575
SECUNIA-28615
SECUNIA-28669
SECUNIA-28783
SECUNIA-29194
SECUNIA-29242
SECUNIA-29291
SECUNIA-29294
SECUNIA-29333
SECUNIA-29852
SECUNIA-29910
SECUNIA-29987
SECUNIA-30179
ADV-2008-0282
ADV-2008-0807
ADV-2008-1375
DSA-1511
FEDORA-2008-1036
FEDORA-2008-1076
GLSA-200803-20
GLSA-200805-16
MDVSA-2008:026
RHSA-2008:0090
SUSE-SA:2008:023
SUSE-SR:2008:005
USN-591-1
http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043
http://www.openoffice.org/security/cves/CVE-2007-4770.html
http://www.openoffice.org/security/cves/CVE-2007-5745.html
https://bugzilla.redhat.com/show_bug.cgi?id=429023
https://issues.rpath.com/browse/RPL-2199
libicu-restackframes-dos(39938)
oval:org.mitre.oval:def:11172
oval:org.mitre.oval:def:5507

CWE    1
CWE-399
OVAL    2
oval:org.mitre.oval:def:8243
oval:org.secpod.oval:def:301270

© SecPod Technologies