GLSA-200803-20 : International Components for Unicode: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-20 International Components for Unicode: Multiple vulnerabilities Will Drewry Google Security reported a vulnerability in the regular expression engine when using back references to capture \0 characters CVE-2007-4770. He...

Debian Security Advisory DSA 1511-1 (libicu)

The remote host is missing an update to libicu announced via advisory DSA 1511-1. OpenVAS Vulnerability Test $Id: deb15111.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1511-1 libicu Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian DSA-1511-1 : libicu - various

Several local vulnerabilities have been discovered in libicu, International Components for Unicode, The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-4770 libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process...

Design/Logic Flaw

libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero aka \0, which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames...

CVE-2007-4770

libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero aka \0, which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames...

CVE-2007-4770

libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero aka \0, which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames...

CVE-2007-4771

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode ICU 3.8.1 and earlier allows context-dependent attackers to cause a denial of service memory consumption and possibly have unspecified other impact via a regular expression that...

CVE-2007-4771

CVE-2007-4771 is a heap-based overflow in ICU’s regex handling (doInterval in regexcmp.cpp) affecting ICU 3.8.1 and earlier. Attackers could cause memory consumption or denial of service by processing a crafted regular expression that writes a large amount of data to the backtracking stack. Affec...

CVE-2007-4770

CVE-2007-4770 affects the ICU libicu library. The issue arises when processing backreferences to capture group zero (\0), potentially causing memory corruption in RE stack frames and leading to a denial-of-service crash. The vulnerability is documented with; affected products include ICU in ICU4J...

CVE-2007-4771

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode ICU 3.8.1 and earlier allows context-dependent attackers to cause a denial of service memory consumption and possibly have unspecified other impact via a regular expression that...

Important: Red Hat Security Advisory: icu security update

Updated icu packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The International Components for Unicode ICU library provides robust and full-featured Unicode...