CVE-2007-4771

Publication date 29 January 2008

Last updated 24 July 2024


Ubuntu priority

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.

Status

Package Ubuntu Release Status
icu 7.10 gutsy
Fixed 3.6-3ubuntu0.1
7.04 feisty
Fixed 3.6-2ubuntu0.1
6.10 edgy
Fixed 3.4.1a-1ubuntu1.6.10.1
6.06 LTS dapper
Fixed 3.4.1a-1ubuntu1.6.06.1

References

Related Ubuntu Security Notices (USN)

    • USN-591-1
    • libicu vulnerabilities
    • 24 March 2008

Other references