Lucene search
Copyright (C) 2009 Greenbone Networks GmbHOPENVAS:1361412562310830687HistoryApr 09, 2009 - 12:00 a.m.
Mandriva Update for icu MDVSA-2008:026 (icu)
2009-04-0900:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
8
0.007 Low
EPSS
Percentile
77.7%
Check for the Version of icu
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for icu MDVSA-2008:026 (icu)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Will Drewry reported multiple flaws in how libicu processed certain
malformed regular expressions. If an application linked against
libicu, such as OpenOffice.org, processed a carefully-crafted regular
expression, it could potentially cause the execution of arbitrary
code with the privileges of the user running the application.
The updated packages have been patched to correct these issues.";
tag_affected = "icu on Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2008-01/msg00045.php");
script_oid("1.3.6.1.4.1.25623.1.0.830687");
script_version("$Revision: 9370 $");
script_tag(name:"last_modification", value:"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $");
script_tag(name:"creation_date", value:"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_xref(name: "MDVSA", value: "2008:026");
script_cve_id("CVE-2007-4770", "CVE-2007-4771");
script_name( "Mandriva Update for icu MDVSA-2008:026 (icu)");
script_tag(name:"summary", value:"Check for the Version of icu");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "MNDK_2008.0")
{
if ((res = isrpmvuln(pkg:"icu", rpm:"icu~3.6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"icu-doc", rpm:"icu-doc~3.6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libicu-devel", rpm:"libicu-devel~3.6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libicu36", rpm:"libicu36~3.6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64icu-devel", rpm:"lib64icu-devel~3.6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64icu36", rpm:"lib64icu36~3.6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Related
openvas
openvas
Solaris Update for International Components for Unicode 119811-05
2009-06-03 00:00:00
Fedora Update for icu FEDORA-2008-1036
2009-02-16 00:00:00
Mandriva Update for icu MDVSA-2008:026 (icu)
2009-04-09 00:00:00
oraclelinux
oraclelinux
Important: icu security update
2008-01-25 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : icu vulnerabilities (USN-591-1)
2008-03-26 00:00:00
Oracle Linux 5 : icu (ELSA-2008-0090)
2013-07-12 00:00:00
RHEL 5 : icu (RHSA-2008:0090)
2008-01-27 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: icu-3.8-5.fc8
2008-01-27 07:13:29
[SECURITY] Fedora 7 Update: icu-3.6-20.fc7
2008-01-27 07:21:37
osv
osv
icu - multiple problems
2008-03-03 00:00:00
redhat
redhat
(RHSA-2008:0090) Important: icu security update
2008-01-25 00:00:00
debian
debian
[SECURITY] [DSA 1511-1] New libicu packages fix multiple problems
2008-03-03 21:14:49
securityvulns
securityvulns
icu / libicu multiple security vulnerabilities
2008-01-27 00:00:00
[ MDVSA-2008:026 ] - Updated icu packages fix vulnerabilities
2008-01-27 00:00:00
ubuntu
ubuntu
libicu vulnerabilities
2008-03-24 00:00:00
gentoo
gentoo
International Components for Unicode: Multiple vulnerabilities
2008-03-11 00:00:00
OpenOffice.org: Multiple vulnerabilities
2008-05-14 00:00:00
centos
centos
icu, libicu security update
2008-01-25 14:57:12
cve
cve
CVE-2007-4771
2008-01-29 00:00:00
CVE-2007-4770
2008-01-29 00:00:00
ubuntucve
ubuntucve
CVE-2007-4771
2008-01-29 00:00:00
CVE-2007-4770
2008-01-29 00:00:00
prion
prion
Heap overflow
2008-01-29 00:00:00
Design/Logic Flaw
2008-01-29 00:00:00
debiancve
debiancve
CVE-2007-4771
2008-01-29 00:00:00
CVE-2007-4770
2008-01-29 00:00:00
suse
suse
local privilege escalation in OpenOffice_org
2008-04-18 09:57:35
