LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Interview: Kristen Carlson Accardi

LWN.net Weekly Edition for July 24, 2008

Tracing: no shortage of options

Interview: Wind River's John Bruggeman

LWN.net Weekly Edition for July 17, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

icu: arbitrary code execution

Package(s):icu CVE #(s):CVE-2007-4770 CVE-2007-4771
Created:January 25, 2008 Updated:May 15, 2008
Description: From the Red Hat advisory: Will Drewry reported multiple flaws in the way libicu processed certain malformed regular expressions. If an application linked against ICU, such as OpenOffice.org, processed a carefully crafted regular expression, it may be possible to execute arbitrary code as the user running the application.
Alerts:
Red Hat RHSA-2008:0090-01 2008-01-25
Fedora FEDORA-2008-1076 2008-01-27
Fedora FEDORA-2008-1036 2008-01-27
Mandriva MDVSA-2008:026 2008-01-25
rPath rPSA-2008-0043-1 2008-02-06
Debian DSA-1511-1 2008-03-03
SuSE SUSE-SR:2008:005 2008-03-06
Gentoo 200803-20 2008-03-11
Ubuntu USN-591-1 2008-03-24
SuSE SUSE-SA:2008:023 2008-04-18
Gentoo 200805-16 2008-05-14
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.