CVE-2007-4771

2008-01-2900:00:00

ubuntu.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

79.9%

JSON

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in
libicu in International Components for Unicode (ICU) 3.8.1 and earlier
allows context-dependent attackers to cause a denial of service (memory
consumption) and possibly have unspecified other impact via a regular
expression that writes a large amount of data to the backtracking stack.
NOTE: some of these details are obtained from third party information.

Bugs

<https://bugs.launchpad.net/ubuntu/+source/icu/+bug/186578>

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchicu< 3.4.1a-1ubuntu1.6.06.1UNKNOWN
ubuntu6.10noarchicu< 3.4.1a-1ubuntu1.6.10.1UNKNOWN
ubuntu7.04noarchicu< 3.6-2ubuntu0.1UNKNOWN
ubuntu7.10noarchicu< 3.6-3ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	icu	< 3.4.1a-1ubuntu1.6.06.1	UNKNOWN
ubuntu	6.10	noarch	icu	< 3.4.1a-1ubuntu1.6.10.1	UNKNOWN
ubuntu	7.04	noarch	icu	< 3.6-2ubuntu0.1	UNKNOWN
ubuntu	7.10	noarch	icu	< 3.6-3ubuntu0.1	UNKNOWN