Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-4770
HistoryJan 29, 2008 - 12:00 a.m.

CVE-2007-4770

2008-01-2900:00:00
CWE-399
[email protected]
web.nvd.nist.gov
41
libicu
international components for unicode
icu
cve-2007-4770
backreferences
out-of-bounds memory
restackframes
nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.007

Percentile

81.0%

JSON

libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.

Affected configurations

NVD
Node
icu-projectinternational_components_for_unicodeRange3.8.1c\/c\+\+
VendorProductVersionCPE
icu-projectinternational_components_for_unicodecpe:/a:icu-project:international_components_for_unicode::::

References

Related

ubuntucve 1
debiancve 1
cvelist 1
prion 1
nvd 1
nessus 16
securityvulns 2
openvas 27
centos 1
redhat 1
debian 1
osv 1
fedora 2
gentoo 2
ubuntu 1
oraclelinux 1
suse 1
ibm 1
ubuntucve
ubuntucve
CVE-2007-4770
2008-01-29 00:00:00
debiancve
debiancve
CVE-2007-4770
2008-01-29 00:00:00
cvelist
cvelist
CVE-2007-4770
2008-01-28 23:00:00
prion
prion
Design/Logic Flaw
2008-01-29 00:00:00
nvd
nvd
CVE-2007-4770
2008-01-29 00:00:00
nessus
nessus
CentOS 5 : icu (CESA-2008:0090)
2010-01-06 00:00:00
Fedora 7 : icu-3.6-20.fc7 (2008-1076)
2008-01-27 00:00:00
Debian DSA-1511-1 : libicu - various
2008-03-07 00:00:00
securityvulns
securityvulns
[ MDVSA-2008:026 ] - Updated icu packages fix vulnerabilities
2008-01-27 00:00:00
icu / libicu multiple security vulnerabilities
2008-01-27 00:00:00
openvas
openvas
Solaris Update for International Components for Unicode 114678-15
2009-06-03 00:00:00
Debian Security Advisory DSA 1511-1 (libicu)
2008-03-11 00:00:00
Ubuntu Update for icu vulnerabilities USN-591-1
2009-03-23 00:00:00
centos
centos
icu, libicu security update
2008-01-25 14:57:12
redhat
redhat
(RHSA-2008:0090) Important: icu security update
2008-01-25 00:00:00
debian
debian
[SECURITY] [DSA 1511-1] New libicu packages fix multiple problems
2008-03-03 21:14:41
osv
osv
icu - multiple problems
2008-03-03 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: icu-3.8-5.fc8
2008-01-27 07:13:29
[SECURITY] Fedora 7 Update: icu-3.6-20.fc7
2008-01-27 07:21:37
gentoo
gentoo
International Components for Unicode: Multiple vulnerabilities
2008-03-11 00:00:00
OpenOffice.org: Multiple vulnerabilities
2008-05-14 00:00:00
ubuntu
ubuntu
libicu vulnerabilities
2008-03-24 00:00:00
oraclelinux
oraclelinux
Important: icu security update
2008-01-25 00:00:00
suse
suse
local privilege escalation in OpenOffice_org
2008-04-18 09:57:35
ibm
ibm
Security Bulletin: TADDM is vulnerable to a denial of service due to vulnerabilities in ICU4J Library
2023-04-26 14:21:56

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.007

Percentile

81.0%

JSON
Related for CVE-2007-4770
ubuntucve1debiancve1cvelist1prion1nvd1nessus16securityvulns2openvas27centos1redhat1debian1osv1fedora2gentoo2ubuntu1oraclelinux1suse1ibm1