CVE-2007-4771

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.

🔗 References (80)

• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
• cve@mitrehttp://rhn.redhat.com/errata/RHSA-2008-0090.html
• cve@mitrehttp://secunia.com/advisories/28575
• cve@mitrehttp://secunia.com/advisories/28615
• cve@mitrehttp://secunia.com/advisories/28669
• cve@mitrehttp://secunia.com/advisories/28783
• cve@mitrehttp://secunia.com/advisories/29194
• cve@mitrehttp://secunia.com/advisories/29242
• cve@mitrehttp://secunia.com/advisories/29291
• cve@mitrehttp://secunia.com/advisories/29294
• cve@mitrehttp://secunia.com/advisories/29333
• cve@mitrehttp://secunia.com/advisories/29852
• cve@mitrehttp://secunia.com/advisories/29910
• cve@mitrehttp://secunia.com/advisories/29987
• cve@mitrehttp://secunia.com/advisories/30179