New Search

Multiple Security Vulnerabilities in ICU 3.2 Library Regular Expression Processing May Cause a Denial of Service (DoS)

oval:org.mitre.oval:def:5507

libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0) which might allow context-dependent attackers to read from or write to out-of-bounds memory locations related to corruption of REStackFrames.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 9
  • Sun Solaris 10
Class:
vulnerability
Reference(s):
  • CVE-2007-4770
Product(s):