Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2007-4770 (GCVE-0-2007-4770)
Vulnerability from cvelistv5 – Published: 2008-01-28 23:00 – Updated: 2024-08-07 15:08
VLAI?
EPSS
Summary
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
40 references
Date Public ?
2008-01-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:33.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11172",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172"
},
{
"name": "233922",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1"
},
{
"name": "28615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28615"
},
{
"name": "oval:org.mitre.oval:def:5507",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507"
},
{
"name": "29852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29852"
},
{
"name": "28783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28783"
},
{
"name": "29291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29291"
},
{
"name": "SUSE-SA:2008:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html"
},
{
"name": "29242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29242"
},
{
"name": "1019269",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019269"
},
{
"name": "GLSA-200805-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-16.xml"
},
{
"name": "29987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29987"
},
{
"name": "SUSE-SR:2008:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"name": "27455",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27455"
},
{
"name": "29294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29294"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html"
},
{
"name": "GLSA-200803-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200803-20.xml"
},
{
"name": "DSA-1511",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1511"
},
{
"name": "libicu-restackframes-dos(39938)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39938"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043"
},
{
"name": "RHSA-2008:0090",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html"
},
{
"name": "29333",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29333"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2199"
},
{
"name": "USN-591-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-591-1"
},
{
"name": "MDVSA-2008:026",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:026"
},
{
"name": "231641",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1"
},
{
"name": "ADV-2008-1375",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1375/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"name": "29194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29194"
},
{
"name": "30179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30179"
},
{
"name": "FEDORA-2008-1076",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html"
},
{
"name": "28575",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28575"
},
{
"name": "20080206 rPSA-2008-0043-1 icu",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487677/100/0/threaded"
},
{
"name": "[icu-support] 20080122 ICU Patch for bugs in Regular Expressions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com"
},
{
"name": "28669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28669"
},
{
"name": "ADV-2008-0807",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0807/references"
},
{
"name": "29910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29910"
},
{
"name": "FEDORA-2008-1036",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html"
},
{
"name": "ADV-2008-0282",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0282"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11172",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172"
},
{
"name": "233922",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1"
},
{
"name": "28615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28615"
},
{
"name": "oval:org.mitre.oval:def:5507",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507"
},
{
"name": "29852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29852"
},
{
"name": "28783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28783"
},
{
"name": "29291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29291"
},
{
"name": "SUSE-SA:2008:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html"
},
{
"name": "29242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29242"
},
{
"name": "1019269",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019269"
},
{
"name": "GLSA-200805-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-16.xml"
},
{
"name": "29987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29987"
},
{
"name": "SUSE-SR:2008:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"name": "27455",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27455"
},
{
"name": "29294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29294"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html"
},
{
"name": "GLSA-200803-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200803-20.xml"
},
{
"name": "DSA-1511",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1511"
},
{
"name": "libicu-restackframes-dos(39938)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39938"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043"
},
{
"name": "RHSA-2008:0090",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html"
},
{
"name": "29333",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29333"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2199"
},
{
"name": "USN-591-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-591-1"
},
{
"name": "MDVSA-2008:026",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:026"
},
{
"name": "231641",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1"
},
{
"name": "ADV-2008-1375",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1375/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"name": "29194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29194"
},
{
"name": "30179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30179"
},
{
"name": "FEDORA-2008-1076",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html"
},
{
"name": "28575",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28575"
},
{
"name": "20080206 rPSA-2008-0043-1 icu",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487677/100/0/threaded"
},
{
"name": "[icu-support] 20080122 ICU Patch for bugs in Regular Expressions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com"
},
{
"name": "28669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28669"
},
{
"name": "ADV-2008-0807",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0807/references"
},
{
"name": "29910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29910"
},
{
"name": "FEDORA-2008-1036",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html"
},
{
"name": "ADV-2008-0282",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0282"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4770",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11172",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172"
},
{
"name": "233922",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1"
},
{
"name": "28615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28615"
},
{
"name": "oval:org.mitre.oval:def:5507",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507"
},
{
"name": "29852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29852"
},
{
"name": "28783",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28783"
},
{
"name": "29291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29291"
},
{
"name": "SUSE-SA:2008:023",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html"
},
{
"name": "29242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29242"
},
{
"name": "1019269",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019269"
},
{
"name": "GLSA-200805-16",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200805-16.xml"
},
{
"name": "29987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29987"
},
{
"name": "SUSE-SR:2008:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"name": "27455",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27455"
},
{
"name": "29294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29294"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2007-4770.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html"
},
{
"name": "GLSA-200803-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200803-20.xml"
},
{
"name": "DSA-1511",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1511"
},
{
"name": "libicu-restackframes-dos(39938)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39938"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043"
},
{
"name": "RHSA-2008:0090",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html"
},
{
"name": "29333",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29333"
},
{
"name": "https://issues.rpath.com/browse/RPL-2199",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2199"
},
{
"name": "USN-591-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-591-1"
},
{
"name": "MDVSA-2008:026",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:026"
},
{
"name": "231641",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1"
},
{
"name": "ADV-2008-1375",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1375/references"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=429023",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"name": "29194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29194"
},
{
"name": "30179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30179"
},
{
"name": "FEDORA-2008-1076",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2007-5745.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html"
},
{
"name": "28575",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28575"
},
{
"name": "20080206 rPSA-2008-0043-1 icu",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487677/100/0/threaded"
},
{
"name": "[icu-support] 20080122 ICU Patch for bugs in Regular Expressions",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com"
},
{
"name": "28669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28669"
},
{
"name": "ADV-2008-0807",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0807/references"
},
{
"name": "29910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29910"
},
{
"name": "FEDORA-2008-1036",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html"
},
{
"name": "ADV-2008-0282",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0282"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4770",
"datePublished": "2008-01-28T23:00:00.000Z",
"dateReserved": "2007-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:08:33.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2007-4770",
"date": "2026-05-19",
"epss": "0.0367",
"percentile": "0.88032"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\\\/c\\\\+\\\\+:*:*\", \"versionEndIncluding\": \"3.8.1\", \"matchCriteriaId\": \"8C296240-3851-4E13-8941-F20F6B42EF94\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\\\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.\"}, {\"lang\": \"es\", \"value\": \"libicu de International Components for Unicode (ICU) 3.8.1 y versiones anteriores intenta procesar referencias a un grupo de captura no existente cero (tambi\\u00e9n conocido como \\\\0), lo cual podr\\u00eda permitir a atacantes locales o remotos dependientes del contexto leer desde, \\u00f3 escribir en, direcciones de memoria fuera de los l\\u00edmites, relativo a corrupci\\u00f3n de REStackFrames.\\r\\n\"}]",
"id": "CVE-2007-4770",
"lastModified": "2024-11-21T00:36:24.537",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
"published": "2008-01-29T00:00:00.000",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2008-0090.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28575\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/28615\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/28669\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/28783\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29194\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29242\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29291\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29294\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29333\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29852\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29910\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29987\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/30179\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200803-20.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200805-16.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1019269\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2008/dsa-1511\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:026\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.novell.com/linux/security/advisories/2008_23_openoffice.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openoffice.org/security/cves/CVE-2007-4770.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openoffice.org/security/cves/CVE-2007-5745.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/487677/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/27455\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/usn-591-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0282\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0807/references\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1375/references\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=429023\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39938\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://issues.rpath.com/browse/RPL-2199\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2008-0090.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28575\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/28615\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/28669\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/28783\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29194\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29242\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29291\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29294\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29333\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29852\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29910\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/29987\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://secunia.com/advisories/30179\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200803-20.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200805-16.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1019269\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2008/dsa-1511\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:026\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.novell.com/linux/security/advisories/2008_23_openoffice.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openoffice.org/security/cves/CVE-2007-4770.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openoffice.org/security/cves/CVE-2007-5745.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/487677/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/27455\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/usn-591-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0282\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0807/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1375/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=429023\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39938\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://issues.rpath.com/browse/RPL-2199\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2007-4770\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-01-29T00:00:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\\\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.\"},{\"lang\":\"es\",\"value\":\"libicu de International Components for Unicode (ICU) 3.8.1 y versiones anteriores intenta procesar referencias a un grupo de captura no existente cero (tambi\u00e9n conocido como \\\\0), lo cual podr\u00eda permitir a atacantes locales o remotos dependientes del contexto leer desde, \u00f3 escribir en, direcciones de memoria fuera de los l\u00edmites, relativo a corrupci\u00f3n de REStackFrames.\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\\\/c\\\\+\\\\+:*:*\",\"versionEndIncluding\":\"3.8.1\",\"matchCriteriaId\":\"8C296240-3851-4E13-8941-F20F6B42EF94\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2008-0090.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/28575\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/28615\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/28669\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/28783\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29194\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29242\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29291\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29294\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29333\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29852\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29910\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29987\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/30179\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200803-20.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200805-16.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1019269\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2008/dsa-1511\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:026\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2008_23_openoffice.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2007-4770.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2007-5745.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/487677/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/27455\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-591-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0282\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0807/references\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1375/references\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=429023\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39938\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-2199\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2008-0090.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/28575\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/28615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/28669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/28783\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29194\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29242\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29294\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29333\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29852\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29910\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/29987\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://secunia.com/advisories/30179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200803-20.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200805-16.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1019269\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2008/dsa-1511\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:026\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2008_23_openoffice.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2007-4770.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2007-5745.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/487677/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/27455\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-591-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0282\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0807/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1375/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=429023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39938\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-2199\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTA-2008-AVI-123
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités concernant le traitement des expressions régulières de la bibliothèque ICU (International Components for Unicode) ont été corrigées.
Description
Une mauvaise gestion des tentatives d'utilisation de la référence arrière 0 dans une expression régulière, permet l'exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sun Solaris 9.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Sun Solaris 10 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne mauvaise gestion des tentatives d\u0027utilisation de la r\u00e9f\u00e9rence\narri\u00e8re 0 dans une expression r\u00e9guli\u00e8re, permet l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-4771",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4771"
},
{
"name": "CVE-2007-4770",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4770"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun Solaris #233922 du 07 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233922-1"
}
],
"reference": "CERTA-2008-AVI-123",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-03-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s concernant le traitement des expressions\nr\u00e9guli\u00e8res de la biblioth\u00e8que ICU (\u003cspan class=\"textit\"\u003eInternational\nComponents for Unicode\u003c/span\u003e) ont \u00e9t\u00e9 corrig\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans la biblioth\u00e8que Sun Solaris ICU",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sun 233922 du 7 mars 2008",
"url": null
}
]
}
CERTA-2008-AVI-218
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités dans la suite bureautique OpenOffice.org ont été découvertes et permettent à une personne malveillante d'exécuter du code arbitraire à distance.
Description
Plusieurs vulnérabilités dans le traitement des fichiers EMF, ODF, Quattro Pro et OLE d'OpenOffice.org ont été découvertes. Elles permettent à une personne malveillante d'exécuter du code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Toutes les versions antérieures à la version 2.4.
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eToutes les versions ant\u00e9rieures \u00e0 la version 2.4.\u003c/P\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans le traitement des fichiers EMF, ODF,\nQuattro Pro et OLE d\u0027OpenOffice.org ont \u00e9t\u00e9 d\u00e9couvertes. Elles\npermettent \u00e0 une personne malveillante d\u0027ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-4771",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4771"
},
{
"name": "CVE-2007-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5745"
},
{
"name": "CVE-2008-0320",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0320"
},
{
"name": "CVE-2007-4770",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4770"
},
{
"name": "CVE-2007-5747",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5747"
},
{
"name": "CVE-2007-5746",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5746"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SR:2008:005 du 06 mars 2008 :",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0175 du 17 avril 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0175.html"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2007-5745 : https://www.cve.org/CVERecord?id=CVE-2007-5745",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5745"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2007-4771 :",
"url": "http://www.openoffice.org/security/cves/CVE-2007-4771.html"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2007-4770 : https://www.cve.org/CVERecord?id=CVE-2007-4770",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1547 du 17 avril 2008 :",
"url": "http://www.debian.org/security/2008/dsa-1547"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2007-4770 :",
"url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2007-5745 :",
"url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2008-0320 : https://www.cve.org/CVERecord?id=CVE-2008-0320",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0320"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2007-4771 : https://www.cve.org/CVERecord?id=CVE-2007-4771",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2007-5746 : https://www.cve.org/CVERecord?id=CVE-2007-5746",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5746"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2008-0320 :",
"url": "http://www.openoffice.org/security/cves/CVE-2008-0320.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0090 du 25 janvier 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2008:023 du 18 avril 2008 :",
"url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2007-5746 :",
"url": "http://www.openoffice.org/security/cves/CVE-2007-5746.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-591-1 du 24 mars 2008 :",
"url": "http://www.ubuntu.com/usn/usn-591-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200803-20 du 11 mars 2008 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200803-20.xml"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1511 du 03 mars 2008 :",
"url": "http://www.debian.org/security/2008/dsa-1511"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2007-5747 :",
"url": "http://www.openoffice.org/security/cves/CVE-2007-5747.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0176 du 17 avril 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0176.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200805-16 du 14 mai 2008 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-16.xml"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2007-5747 : https://www.cve.org/CVERecord?id=CVE-2007-5747",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5747"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-609-1 du 06 mai 2008 :",
"url": "http://www.ubuntu.com/usn/usn-609-1"
}
],
"reference": "CERTA-2008-AVI-218",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-04-18T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Gentoo, RedHat, Debian, SuSE, Ubuntu et des r\u00e9f\u00e9rences CVE.",
"revision_date": "2008-05-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans la suite bureautique \u003cspan\nclass=\"textit\"\u003eOpenOffice.org\u003c/span\u003e ont \u00e9t\u00e9 d\u00e9couvertes et permettent \u00e0\nune personne malveillante d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org",
"vendor_advisories": [
{
"published_at": null,
"title": "bulletins de s\u00e9curit\u00e9 d\u0027OpenOffice.org",
"url": null
}
]
}
CERTA-2008-AVI-123
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités concernant le traitement des expressions régulières de la bibliothèque ICU (International Components for Unicode) ont été corrigées.
Description
Une mauvaise gestion des tentatives d'utilisation de la référence arrière 0 dans une expression régulière, permet l'exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sun Solaris 9.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Sun Solaris 10 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne mauvaise gestion des tentatives d\u0027utilisation de la r\u00e9f\u00e9rence\narri\u00e8re 0 dans une expression r\u00e9guli\u00e8re, permet l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-4771",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4771"
},
{
"name": "CVE-2007-4770",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4770"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun Solaris #233922 du 07 mars 2008 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233922-1"
}
],
"reference": "CERTA-2008-AVI-123",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-03-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s concernant le traitement des expressions\nr\u00e9guli\u00e8res de la biblioth\u00e8que ICU (\u003cspan class=\"textit\"\u003eInternational\nComponents for Unicode\u003c/span\u003e) ont \u00e9t\u00e9 corrig\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans la biblioth\u00e8que Sun Solaris ICU",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sun 233922 du 7 mars 2008",
"url": null
}
]
}
CERTA-2008-AVI-218
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités dans la suite bureautique OpenOffice.org ont été découvertes et permettent à une personne malveillante d'exécuter du code arbitraire à distance.
Description
Plusieurs vulnérabilités dans le traitement des fichiers EMF, ODF, Quattro Pro et OLE d'OpenOffice.org ont été découvertes. Elles permettent à une personne malveillante d'exécuter du code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Toutes les versions antérieures à la version 2.4.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eToutes les versions ant\u00e9rieures \u00e0 la version 2.4.\u003c/P\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans le traitement des fichiers EMF, ODF,\nQuattro Pro et OLE d\u0027OpenOffice.org ont \u00e9t\u00e9 d\u00e9couvertes. Elles\npermettent \u00e0 une personne malveillante d\u0027ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-4771",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4771"
},
{
"name": "CVE-2007-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5745"
},
{
"name": "CVE-2008-0320",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0320"
},
{
"name": "CVE-2007-4770",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4770"
},
{
"name": "CVE-2007-5747",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5747"
},
{
"name": "CVE-2007-5746",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5746"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SR:2008:005 du 06 mars 2008 :",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0175 du 17 avril 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0175.html"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2007-5745 : https://www.cve.org/CVERecord?id=CVE-2007-5745",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5745"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2007-4771 :",
"url": "http://www.openoffice.org/security/cves/CVE-2007-4771.html"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2007-4770 : https://www.cve.org/CVERecord?id=CVE-2007-4770",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1547 du 17 avril 2008 :",
"url": "http://www.debian.org/security/2008/dsa-1547"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2007-4770 :",
"url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2007-5745 :",
"url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2008-0320 : https://www.cve.org/CVERecord?id=CVE-2008-0320",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0320"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2007-4771 : https://www.cve.org/CVERecord?id=CVE-2007-4771",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2007-5746 : https://www.cve.org/CVERecord?id=CVE-2007-5746",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5746"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2008-0320 :",
"url": "http://www.openoffice.org/security/cves/CVE-2008-0320.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0090 du 25 janvier 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2008:023 du 18 avril 2008 :",
"url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2007-5746 :",
"url": "http://www.openoffice.org/security/cves/CVE-2007-5746.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-591-1 du 24 mars 2008 :",
"url": "http://www.ubuntu.com/usn/usn-591-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200803-20 du 11 mars 2008 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200803-20.xml"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1511 du 03 mars 2008 :",
"url": "http://www.debian.org/security/2008/dsa-1511"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice CVE-2007-5747 :",
"url": "http://www.openoffice.org/security/cves/CVE-2007-5747.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0176 du 17 avril 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0176.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200805-16 du 14 mai 2008 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-16.xml"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2007-5747 : https://www.cve.org/CVERecord?id=CVE-2007-5747",
"url": "http://cvve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5747"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-609-1 du 06 mai 2008 :",
"url": "http://www.ubuntu.com/usn/usn-609-1"
}
],
"reference": "CERTA-2008-AVI-218",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-04-18T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Gentoo, RedHat, Debian, SuSE, Ubuntu et des r\u00e9f\u00e9rences CVE.",
"revision_date": "2008-05-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans la suite bureautique \u003cspan\nclass=\"textit\"\u003eOpenOffice.org\u003c/span\u003e ont \u00e9t\u00e9 d\u00e9couvertes et permettent \u00e0\nune personne malveillante d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org",
"vendor_advisories": [
{
"published_at": null,
"title": "bulletins de s\u00e9curit\u00e9 d\u0027OpenOffice.org",
"url": null
}
]
}
FKIE_CVE-2007-4770
Vulnerability from fkie_nvd - Published: 2008-01-29 00:00 - Updated: 2026-04-23 00:35
Severity ?
Summary
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html | Third Party Advisory | |
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2008-0090.html | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/28575 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/28615 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/28669 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/28783 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/29194 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/29242 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/29291 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/29294 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/29333 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/29852 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/29910 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/29987 | Permissions Required | |
| cve@mitre.org | http://secunia.com/advisories/30179 | Permissions Required | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200803-20.xml | Third Party Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200805-16.xml | Third Party Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1019269 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com | Broken Link, Patch, Third Party Advisory | |
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1 | Broken Link | |
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1 | Broken Link | |
| cve@mitre.org | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043 | Third Party Advisory | |
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1511 | Third Party Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:026 | Broken Link | |
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2008_23_openoffice.html | Third Party Advisory | |
| cve@mitre.org | http://www.openoffice.org/security/cves/CVE-2007-4770.html | Third Party Advisory | |
| cve@mitre.org | http://www.openoffice.org/security/cves/CVE-2007-5745.html | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/487677/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/27455 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.ubuntu.com/usn/usn-591-1 | Third Party Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0282 | Third Party Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0807/references | Third Party Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/1375/references | Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=429023 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/39938 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://issues.rpath.com/browse/RPL-2199 | Third Party Advisory | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172 | Third Party Advisory | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507 | Third Party Advisory | |
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html | Third Party Advisory | |
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2008-0090.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28575 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28615 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28669 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28783 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29194 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29242 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29291 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29294 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29333 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29852 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29910 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29987 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30179 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200803-20.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200805-16.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1019269 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com | Broken Link, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1511 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:026 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2008_23_openoffice.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2007-4770.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2007-5745.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/487677/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/27455 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-591-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0282 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0807/references | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1375/references | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=429023 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/39938 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-2199 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| icu-project | international_components_for_unicode | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*",
"matchCriteriaId": "8C296240-3851-4E13-8941-F20F6B42EF94",
"versionEndIncluding": "3.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames."
},
{
"lang": "es",
"value": "libicu de International Components for Unicode (ICU) 3.8.1 y versiones anteriores intenta procesar referencias a un grupo de captura no existente cero (tambi\u00e9n conocido como \\0), lo cual podr\u00eda permitir a atacantes locales o remotos dependientes del contexto leer desde, \u00f3 escribir en, direcciones de memoria fuera de los l\u00edmites, relativo a corrupci\u00f3n de REStackFrames.\r\n"
}
],
"id": "CVE-2007-4770",
"lastModified": "2026-04-23T00:35:47.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-01-29T00:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28575"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28615"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28669"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28783"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29194"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29242"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29291"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29294"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29333"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29852"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29910"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29987"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/30179"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200803-20.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-16.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1019269"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2008/dsa-1511"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:026"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/487677/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/27455"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-591-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0282"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0807/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1375/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39938"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://issues.rpath.com/browse/RPL-2199"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/30179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200803-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-16.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1019269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2008/dsa-1511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/487677/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/27455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-591-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0807/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1375/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://issues.rpath.com/browse/RPL-2199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-3HVJ-9J8H-VGR2
Vulnerability from github – Published: 2022-05-01 18:27 – Updated: 2022-05-01 18:27
VLAI?
Details
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
{
"affected": [],
"aliases": [
"CVE-2007-4770"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-01-29T00:00:00Z",
"severity": "MODERATE"
},
"details": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.",
"id": "GHSA-3hvj-9j8h-vgr2",
"modified": "2022-05-01T18:27:00Z",
"published": "2022-05-01T18:27:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4770"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39938"
},
{
"type": "WEB",
"url": "https://issues.rpath.com/browse/RPL-2199"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/28575"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/28615"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/28669"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/28783"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29194"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29242"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29291"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29294"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29333"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29852"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29910"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29987"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/30179"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200803-20.xml"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200805-16.xml"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1019269"
},
{
"type": "WEB",
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com"
},
{
"type": "WEB",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1"
},
{
"type": "WEB",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1"
},
{
"type": "WEB",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2008/dsa-1511"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:026"
},
{
"type": "WEB",
"url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html"
},
{
"type": "WEB",
"url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html"
},
{
"type": "WEB",
"url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/487677/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/27455"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-591-1"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/0282"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/0807/references"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/1375/references"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2007-4770
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2007-4770",
"description": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.",
"id": "GSD-2007-4770",
"references": [
"https://www.suse.com/security/cve/CVE-2007-4770.html",
"https://access.redhat.com/errata/RHSA-2008:0090",
"https://linux.oracle.com/cve/CVE-2007-4770.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2007-4770"
],
"details": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.",
"id": "GSD-2007-4770",
"modified": "2023-12-13T01:21:36.871165Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4770",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11172",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172"
},
{
"name": "233922",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1"
},
{
"name": "28615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28615"
},
{
"name": "oval:org.mitre.oval:def:5507",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507"
},
{
"name": "29852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29852"
},
{
"name": "28783",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28783"
},
{
"name": "29291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29291"
},
{
"name": "SUSE-SA:2008:023",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html"
},
{
"name": "29242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29242"
},
{
"name": "1019269",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019269"
},
{
"name": "GLSA-200805-16",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200805-16.xml"
},
{
"name": "29987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29987"
},
{
"name": "SUSE-SR:2008:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"name": "27455",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27455"
},
{
"name": "29294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29294"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2007-4770.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html"
},
{
"name": "GLSA-200803-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200803-20.xml"
},
{
"name": "DSA-1511",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1511"
},
{
"name": "libicu-restackframes-dos(39938)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39938"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043"
},
{
"name": "RHSA-2008:0090",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html"
},
{
"name": "29333",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29333"
},
{
"name": "https://issues.rpath.com/browse/RPL-2199",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2199"
},
{
"name": "USN-591-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-591-1"
},
{
"name": "MDVSA-2008:026",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:026"
},
{
"name": "231641",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1"
},
{
"name": "ADV-2008-1375",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1375/references"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=429023",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"name": "29194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29194"
},
{
"name": "30179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30179"
},
{
"name": "FEDORA-2008-1076",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2007-5745.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html"
},
{
"name": "28575",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28575"
},
{
"name": "20080206 rPSA-2008-0043-1 icu",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487677/100/0/threaded"
},
{
"name": "[icu-support] 20080122 ICU Patch for bugs in Regular Expressions",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com"
},
{
"name": "28669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28669"
},
{
"name": "ADV-2008-0807",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0807/references"
},
{
"name": "29910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29910"
},
{
"name": "FEDORA-2008-1036",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html"
},
{
"name": "ADV-2008-0282",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0282"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*",
"cpe_name": [],
"versionEndIncluding": "3.8.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4770"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[icu-support] 20080122 ICU Patch for bugs in Regular Expressions",
"refsource": "MLIST",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=429023",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"name": "MDVSA-2008:026",
"refsource": "MANDRIVA",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:026"
},
{
"name": "RHSA-2008:0090",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html"
},
{
"name": "27455",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/27455"
},
{
"name": "1019269",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1019269"
},
{
"name": "28575",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28575"
},
{
"name": "28615",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28615"
},
{
"name": "FEDORA-2008-1036",
"refsource": "FEDORA",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html"
},
{
"name": "FEDORA-2008-1076",
"refsource": "FEDORA",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html"
},
{
"name": "28669",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28669"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043"
},
{
"name": "https://issues.rpath.com/browse/RPL-2199",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://issues.rpath.com/browse/RPL-2199"
},
{
"name": "28783",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/28783"
},
{
"name": "DSA-1511",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2008/dsa-1511"
},
{
"name": "SUSE-SR:2008:005",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"name": "29194",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29194"
},
{
"name": "29242",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29242"
},
{
"name": "233922",
"refsource": "SUNALERT",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1"
},
{
"name": "29291",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29291"
},
{
"name": "GLSA-200803-20",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200803-20.xml"
},
{
"name": "29333",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29333"
},
{
"name": "USN-591-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-591-1"
},
{
"name": "29294",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29294"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2007-4770.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2007-5745.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html"
},
{
"name": "231641",
"refsource": "SUNALERT",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1"
},
{
"name": "SUSE-SA:2008:023",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html"
},
{
"name": "29852",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29852"
},
{
"name": "29910",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29910"
},
{
"name": "29987",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/29987"
},
{
"name": "30179",
"refsource": "SECUNIA",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/30179"
},
{
"name": "GLSA-200805-16",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-16.xml"
},
{
"name": "ADV-2008-0807",
"refsource": "VUPEN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0807/references"
},
{
"name": "ADV-2008-1375",
"refsource": "VUPEN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1375/references"
},
{
"name": "ADV-2008-0282",
"refsource": "VUPEN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0282"
},
{
"name": "libicu-restackframes-dos(39938)",
"refsource": "XF",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39938"
},
{
"name": "oval:org.mitre.oval:def:5507",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507"
},
{
"name": "oval:org.mitre.oval:def:11172",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172"
},
{
"name": "20080206 rPSA-2008-0043-1 icu",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/487677/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-15T21:37Z",
"publishedDate": "2008-01-29T00:00Z"
}
}
}
OPENSUSE-SU-2024:10859-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
icu-69.1-2.3 on GA media
Severity
Moderate
Notes
Title of the patch: icu-69.1-2.3 on GA media
Description of the patch: These are all security issues fixed in the icu-69.1-2.3 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-10859
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:icu-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:icu-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:icu-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:icu-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-doc-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-doc-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-doc-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-doc-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:icu-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:icu-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:icu-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:icu-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-devel-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-doc-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-doc-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-doc-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu-doc-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
10 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2007-4770/ | self |
| https://www.suse.com/security/cve/CVE-2008-1036/ | self |
| https://www.suse.com/security/cve/CVE-2007-4770 | external |
| https://bugzilla.suse.com/354372 | external |
| https://bugzilla.suse.com/363252 | external |
| https://bugzilla.suse.com/417817 | external |
| https://www.suse.com/security/cve/CVE-2008-1036 | external |
| https://bugzilla.suse.com/489649 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "icu-69.1-2.3 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the icu-69.1-2.3 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10859",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10859-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2007-4770 page",
"url": "https://www.suse.com/security/cve/CVE-2007-4770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-1036 page",
"url": "https://www.suse.com/security/cve/CVE-2008-1036/"
}
],
"title": "icu-69.1-2.3 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10859-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "icu-69.1-2.3.aarch64",
"product": {
"name": "icu-69.1-2.3.aarch64",
"product_id": "icu-69.1-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "libicu-devel-69.1-2.3.aarch64",
"product": {
"name": "libicu-devel-69.1-2.3.aarch64",
"product_id": "libicu-devel-69.1-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "libicu-devel-32bit-69.1-2.3.aarch64",
"product": {
"name": "libicu-devel-32bit-69.1-2.3.aarch64",
"product_id": "libicu-devel-32bit-69.1-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "libicu-doc-69.1-2.3.aarch64",
"product": {
"name": "libicu-doc-69.1-2.3.aarch64",
"product_id": "libicu-doc-69.1-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "libicu69-69.1-2.3.aarch64",
"product": {
"name": "libicu69-69.1-2.3.aarch64",
"product_id": "libicu69-69.1-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "libicu69-32bit-69.1-2.3.aarch64",
"product": {
"name": "libicu69-32bit-69.1-2.3.aarch64",
"product_id": "libicu69-32bit-69.1-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "libicu69-bedata-69.1-2.3.aarch64",
"product": {
"name": "libicu69-bedata-69.1-2.3.aarch64",
"product_id": "libicu69-bedata-69.1-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "libicu69-ledata-69.1-2.3.aarch64",
"product": {
"name": "libicu69-ledata-69.1-2.3.aarch64",
"product_id": "libicu69-ledata-69.1-2.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-69.1-2.3.ppc64le",
"product": {
"name": "icu-69.1-2.3.ppc64le",
"product_id": "icu-69.1-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libicu-devel-69.1-2.3.ppc64le",
"product": {
"name": "libicu-devel-69.1-2.3.ppc64le",
"product_id": "libicu-devel-69.1-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libicu-devel-32bit-69.1-2.3.ppc64le",
"product": {
"name": "libicu-devel-32bit-69.1-2.3.ppc64le",
"product_id": "libicu-devel-32bit-69.1-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libicu-doc-69.1-2.3.ppc64le",
"product": {
"name": "libicu-doc-69.1-2.3.ppc64le",
"product_id": "libicu-doc-69.1-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libicu69-69.1-2.3.ppc64le",
"product": {
"name": "libicu69-69.1-2.3.ppc64le",
"product_id": "libicu69-69.1-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libicu69-32bit-69.1-2.3.ppc64le",
"product": {
"name": "libicu69-32bit-69.1-2.3.ppc64le",
"product_id": "libicu69-32bit-69.1-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libicu69-bedata-69.1-2.3.ppc64le",
"product": {
"name": "libicu69-bedata-69.1-2.3.ppc64le",
"product_id": "libicu69-bedata-69.1-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libicu69-ledata-69.1-2.3.ppc64le",
"product": {
"name": "libicu69-ledata-69.1-2.3.ppc64le",
"product_id": "libicu69-ledata-69.1-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-69.1-2.3.s390x",
"product": {
"name": "icu-69.1-2.3.s390x",
"product_id": "icu-69.1-2.3.s390x"
}
},
{
"category": "product_version",
"name": "libicu-devel-69.1-2.3.s390x",
"product": {
"name": "libicu-devel-69.1-2.3.s390x",
"product_id": "libicu-devel-69.1-2.3.s390x"
}
},
{
"category": "product_version",
"name": "libicu-devel-32bit-69.1-2.3.s390x",
"product": {
"name": "libicu-devel-32bit-69.1-2.3.s390x",
"product_id": "libicu-devel-32bit-69.1-2.3.s390x"
}
},
{
"category": "product_version",
"name": "libicu-doc-69.1-2.3.s390x",
"product": {
"name": "libicu-doc-69.1-2.3.s390x",
"product_id": "libicu-doc-69.1-2.3.s390x"
}
},
{
"category": "product_version",
"name": "libicu69-69.1-2.3.s390x",
"product": {
"name": "libicu69-69.1-2.3.s390x",
"product_id": "libicu69-69.1-2.3.s390x"
}
},
{
"category": "product_version",
"name": "libicu69-32bit-69.1-2.3.s390x",
"product": {
"name": "libicu69-32bit-69.1-2.3.s390x",
"product_id": "libicu69-32bit-69.1-2.3.s390x"
}
},
{
"category": "product_version",
"name": "libicu69-bedata-69.1-2.3.s390x",
"product": {
"name": "libicu69-bedata-69.1-2.3.s390x",
"product_id": "libicu69-bedata-69.1-2.3.s390x"
}
},
{
"category": "product_version",
"name": "libicu69-ledata-69.1-2.3.s390x",
"product": {
"name": "libicu69-ledata-69.1-2.3.s390x",
"product_id": "libicu69-ledata-69.1-2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-69.1-2.3.x86_64",
"product": {
"name": "icu-69.1-2.3.x86_64",
"product_id": "icu-69.1-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "libicu-devel-69.1-2.3.x86_64",
"product": {
"name": "libicu-devel-69.1-2.3.x86_64",
"product_id": "libicu-devel-69.1-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "libicu-devel-32bit-69.1-2.3.x86_64",
"product": {
"name": "libicu-devel-32bit-69.1-2.3.x86_64",
"product_id": "libicu-devel-32bit-69.1-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "libicu-doc-69.1-2.3.x86_64",
"product": {
"name": "libicu-doc-69.1-2.3.x86_64",
"product_id": "libicu-doc-69.1-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "libicu69-69.1-2.3.x86_64",
"product": {
"name": "libicu69-69.1-2.3.x86_64",
"product_id": "libicu69-69.1-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "libicu69-32bit-69.1-2.3.x86_64",
"product": {
"name": "libicu69-32bit-69.1-2.3.x86_64",
"product_id": "libicu69-32bit-69.1-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "libicu69-bedata-69.1-2.3.x86_64",
"product": {
"name": "libicu69-bedata-69.1-2.3.x86_64",
"product_id": "libicu69-bedata-69.1-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "libicu69-ledata-69.1-2.3.x86_64",
"product": {
"name": "libicu69-ledata-69.1-2.3.x86_64",
"product_id": "libicu69-ledata-69.1-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-69.1-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:icu-69.1-2.3.aarch64"
},
"product_reference": "icu-69.1-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-69.1-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:icu-69.1-2.3.ppc64le"
},
"product_reference": "icu-69.1-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-69.1-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:icu-69.1-2.3.s390x"
},
"product_reference": "icu-69.1-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-69.1-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:icu-69.1-2.3.x86_64"
},
"product_reference": "icu-69.1-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-69.1-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-devel-69.1-2.3.aarch64"
},
"product_reference": "libicu-devel-69.1-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-69.1-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-devel-69.1-2.3.ppc64le"
},
"product_reference": "libicu-devel-69.1-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-69.1-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-devel-69.1-2.3.s390x"
},
"product_reference": "libicu-devel-69.1-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-69.1-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-devel-69.1-2.3.x86_64"
},
"product_reference": "libicu-devel-69.1-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-32bit-69.1-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.aarch64"
},
"product_reference": "libicu-devel-32bit-69.1-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-32bit-69.1-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.ppc64le"
},
"product_reference": "libicu-devel-32bit-69.1-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-32bit-69.1-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.s390x"
},
"product_reference": "libicu-devel-32bit-69.1-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-32bit-69.1-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.x86_64"
},
"product_reference": "libicu-devel-32bit-69.1-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-69.1-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-doc-69.1-2.3.aarch64"
},
"product_reference": "libicu-doc-69.1-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-69.1-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-doc-69.1-2.3.ppc64le"
},
"product_reference": "libicu-doc-69.1-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-69.1-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-doc-69.1-2.3.s390x"
},
"product_reference": "libicu-doc-69.1-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-69.1-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu-doc-69.1-2.3.x86_64"
},
"product_reference": "libicu-doc-69.1-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-69.1-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-69.1-2.3.aarch64"
},
"product_reference": "libicu69-69.1-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-69.1-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-69.1-2.3.ppc64le"
},
"product_reference": "libicu69-69.1-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-69.1-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-69.1-2.3.s390x"
},
"product_reference": "libicu69-69.1-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-69.1-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-69.1-2.3.x86_64"
},
"product_reference": "libicu69-69.1-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-32bit-69.1-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.aarch64"
},
"product_reference": "libicu69-32bit-69.1-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-32bit-69.1-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.ppc64le"
},
"product_reference": "libicu69-32bit-69.1-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-32bit-69.1-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.s390x"
},
"product_reference": "libicu69-32bit-69.1-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-32bit-69.1-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.x86_64"
},
"product_reference": "libicu69-32bit-69.1-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-bedata-69.1-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.aarch64"
},
"product_reference": "libicu69-bedata-69.1-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-bedata-69.1-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.ppc64le"
},
"product_reference": "libicu69-bedata-69.1-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-bedata-69.1-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.s390x"
},
"product_reference": "libicu69-bedata-69.1-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-bedata-69.1-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.x86_64"
},
"product_reference": "libicu69-bedata-69.1-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-ledata-69.1-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.aarch64"
},
"product_reference": "libicu69-ledata-69.1-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-ledata-69.1-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.ppc64le"
},
"product_reference": "libicu69-ledata-69.1-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-ledata-69.1-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.s390x"
},
"product_reference": "libicu69-ledata-69.1-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu69-ledata-69.1-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.x86_64"
},
"product_reference": "libicu69-ledata-69.1-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2007-4770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2007-4770"
}
],
"notes": [
{
"category": "general",
"text": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:icu-69.1-2.3.aarch64",
"openSUSE Tumbleweed:icu-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:icu-69.1-2.3.s390x",
"openSUSE Tumbleweed:icu-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2007-4770",
"url": "https://www.suse.com/security/cve/CVE-2007-4770"
},
{
"category": "external",
"summary": "SUSE Bug 354372 for CVE-2007-4770",
"url": "https://bugzilla.suse.com/354372"
},
{
"category": "external",
"summary": "SUSE Bug 363252 for CVE-2007-4770",
"url": "https://bugzilla.suse.com/363252"
},
{
"category": "external",
"summary": "SUSE Bug 417817 for CVE-2007-4770",
"url": "https://bugzilla.suse.com/417817"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:icu-69.1-2.3.aarch64",
"openSUSE Tumbleweed:icu-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:icu-69.1-2.3.s390x",
"openSUSE Tumbleweed:icu-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2007-4770"
},
{
"cve": "CVE-2008-1036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-1036"
}
],
"notes": [
{
"category": "general",
"text": "The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:icu-69.1-2.3.aarch64",
"openSUSE Tumbleweed:icu-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:icu-69.1-2.3.s390x",
"openSUSE Tumbleweed:icu-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-1036",
"url": "https://www.suse.com/security/cve/CVE-2008-1036"
},
{
"category": "external",
"summary": "SUSE Bug 489649 for CVE-2008-1036",
"url": "https://bugzilla.suse.com/489649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:icu-69.1-2.3.aarch64",
"openSUSE Tumbleweed:icu-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:icu-69.1-2.3.s390x",
"openSUSE Tumbleweed:icu-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-devel-32bit-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-devel-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu-doc-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-32bit-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-bedata-69.1-2.3.x86_64",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.aarch64",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.ppc64le",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.s390x",
"openSUSE Tumbleweed:libicu69-ledata-69.1-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2008-1036"
}
]
}
RHSA-2008:0090
Vulnerability from csaf_redhat - Published: 2008-01-25 13:28 - Updated: 2026-01-13 22:03Summary
Red Hat Security Advisory: icu security update
Severity
Important
Notes
Topic: Updated icu packages that fix two security issues are now available for Red
Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details: The International Components for Unicode (ICU) library provides robust and
full-featured Unicode services.
Will Drewry reported multiple flaws in the way libicu processed certain
malformed regular expressions. If an application linked against ICU, such
as OpenOffice.org, processed a carefully crafted regular expression, it may
be possible to execute arbitrary code as the user running the application.
(CVE-2007-4770, CVE-2007-4771)
All users of icu should upgrade to these updated packages, which contain
backported patches to resolve these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
13 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2008:0090 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=429023 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=429025 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2007-4770 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=429023 | external |
| https://www.cve.org/CVERecord?id=CVE-2007-4770 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2007-4770 | external |
| https://access.redhat.com/security/cve/CVE-2007-4771 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=429025 | external |
| https://www.cve.org/CVERecord?id=CVE-2007-4771 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2007-4771 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated icu packages that fix two security issues are now available for Red\nHat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The International Components for Unicode (ICU) library provides robust and\nfull-featured Unicode services.\n\nWill Drewry reported multiple flaws in the way libicu processed certain\nmalformed regular expressions. If an application linked against ICU, such\nas OpenOffice.org, processed a carefully crafted regular expression, it may\nbe possible to execute arbitrary code as the user running the application.\n(CVE-2007-4770, CVE-2007-4771)\n\nAll users of icu should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0090",
"url": "https://access.redhat.com/errata/RHSA-2008:0090"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "429023",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"category": "external",
"summary": "429025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429025"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0090.json"
}
],
"title": "Red Hat Security Advisory: icu security update",
"tracking": {
"current_release_date": "2026-01-13T22:03:44+00:00",
"generator": {
"date": "2026-01-13T22:03:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2008:0090",
"initial_release_date": "2008-01-25T13:28:00+00:00",
"revision_history": [
{
"date": "2008-01-25T13:28:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-01-25T08:28:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:03:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.src",
"product": {
"name": "icu-0:3.6-5.11.1.src",
"product_id": "icu-0:3.6-5.11.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.x86_64",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.x86_64",
"product_id": "libicu-devel-0:3.6-5.11.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"product_id": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.x86_64",
"product": {
"name": "icu-0:3.6-5.11.1.x86_64",
"product_id": "icu-0:3.6-5.11.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libicu-doc-0:3.6-5.11.1.x86_64",
"product": {
"name": "libicu-doc-0:3.6-5.11.1.x86_64",
"product_id": "libicu-doc-0:3.6-5.11.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-doc@3.6-5.11.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.x86_64",
"product": {
"name": "libicu-0:3.6-5.11.1.x86_64",
"product_id": "libicu-0:3.6-5.11.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.i386",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.i386",
"product_id": "libicu-devel-0:3.6-5.11.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.i386",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.i386",
"product_id": "icu-debuginfo-0:3.6-5.11.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.i386",
"product": {
"name": "libicu-0:3.6-5.11.1.i386",
"product_id": "libicu-0:3.6-5.11.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.i386",
"product": {
"name": "icu-0:3.6-5.11.1.i386",
"product_id": "icu-0:3.6-5.11.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libicu-doc-0:3.6-5.11.1.i386",
"product": {
"name": "libicu-doc-0:3.6-5.11.1.i386",
"product_id": "libicu-doc-0:3.6-5.11.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-doc@3.6-5.11.1?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.ia64",
"product": {
"name": "icu-0:3.6-5.11.1.ia64",
"product_id": "icu-0:3.6-5.11.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.ia64",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.ia64",
"product_id": "libicu-devel-0:3.6-5.11.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.ia64",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.ia64",
"product_id": "icu-debuginfo-0:3.6-5.11.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libicu-doc-0:3.6-5.11.1.ia64",
"product": {
"name": "libicu-doc-0:3.6-5.11.1.ia64",
"product_id": "libicu-doc-0:3.6-5.11.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-doc@3.6-5.11.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.ia64",
"product": {
"name": "libicu-0:3.6-5.11.1.ia64",
"product_id": "libicu-0:3.6-5.11.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.ppc",
"product": {
"name": "icu-0:3.6-5.11.1.ppc",
"product_id": "icu-0:3.6-5.11.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.ppc",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.ppc",
"product_id": "libicu-devel-0:3.6-5.11.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.ppc",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc",
"product_id": "icu-debuginfo-0:3.6-5.11.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libicu-doc-0:3.6-5.11.1.ppc",
"product": {
"name": "libicu-doc-0:3.6-5.11.1.ppc",
"product_id": "libicu-doc-0:3.6-5.11.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-doc@3.6-5.11.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.ppc",
"product": {
"name": "libicu-0:3.6-5.11.1.ppc",
"product_id": "libicu-0:3.6-5.11.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.ppc64",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.ppc64",
"product_id": "libicu-devel-0:3.6-5.11.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"product_id": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.ppc64",
"product": {
"name": "libicu-0:3.6-5.11.1.ppc64",
"product_id": "libicu-0:3.6-5.11.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.s390x",
"product": {
"name": "icu-0:3.6-5.11.1.s390x",
"product_id": "icu-0:3.6-5.11.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.s390x",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.s390x",
"product_id": "libicu-devel-0:3.6-5.11.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.s390x",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390x",
"product_id": "icu-debuginfo-0:3.6-5.11.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libicu-doc-0:3.6-5.11.1.s390x",
"product": {
"name": "libicu-doc-0:3.6-5.11.1.s390x",
"product_id": "libicu-doc-0:3.6-5.11.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-doc@3.6-5.11.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.s390x",
"product": {
"name": "libicu-0:3.6-5.11.1.s390x",
"product_id": "libicu-0:3.6-5.11.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.s390",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.s390",
"product_id": "libicu-devel-0:3.6-5.11.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.s390",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390",
"product_id": "icu-debuginfo-0:3.6-5.11.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.s390",
"product": {
"name": "libicu-0:3.6-5.11.1.s390",
"product_id": "libicu-0:3.6-5.11.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.i386"
},
"product_reference": "icu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.src"
},
"product_reference": "icu-0:3.6-5.11.1.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.i386"
},
"product_reference": "icu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.src"
},
"product_reference": "icu-0:3.6-5.11.1.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.i386"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.ppc64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.s390"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-doc-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-doc-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-doc-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-doc-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-doc-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.i386"
},
"product_reference": "icu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.src"
},
"product_reference": "icu-0:3.6-5.11.1.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.i386"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.ppc64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.s390"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-doc-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-doc-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-doc-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-doc-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-doc-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2007-4770",
"discovery_date": "2008-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "429023"
}
],
"notes": [
{
"category": "description",
"text": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libicu poor back reference validation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:icu-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-0:3.6-5.11.1.src",
"5Client-Workstation:icu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64",
"5Client:icu-0:3.6-5.11.1.i386",
"5Client:icu-0:3.6-5.11.1.ia64",
"5Client:icu-0:3.6-5.11.1.ppc",
"5Client:icu-0:3.6-5.11.1.s390x",
"5Client:icu-0:3.6-5.11.1.src",
"5Client:icu-0:3.6-5.11.1.x86_64",
"5Client:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client:libicu-0:3.6-5.11.1.i386",
"5Client:libicu-0:3.6-5.11.1.ia64",
"5Client:libicu-0:3.6-5.11.1.ppc",
"5Client:libicu-0:3.6-5.11.1.ppc64",
"5Client:libicu-0:3.6-5.11.1.s390",
"5Client:libicu-0:3.6-5.11.1.s390x",
"5Client:libicu-0:3.6-5.11.1.x86_64",
"5Client:libicu-devel-0:3.6-5.11.1.i386",
"5Client:libicu-devel-0:3.6-5.11.1.ia64",
"5Client:libicu-devel-0:3.6-5.11.1.ppc",
"5Client:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client:libicu-devel-0:3.6-5.11.1.s390",
"5Client:libicu-devel-0:3.6-5.11.1.s390x",
"5Client:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client:libicu-doc-0:3.6-5.11.1.i386",
"5Client:libicu-doc-0:3.6-5.11.1.ia64",
"5Client:libicu-doc-0:3.6-5.11.1.ppc",
"5Client:libicu-doc-0:3.6-5.11.1.s390x",
"5Client:libicu-doc-0:3.6-5.11.1.x86_64",
"5Server:icu-0:3.6-5.11.1.i386",
"5Server:icu-0:3.6-5.11.1.ia64",
"5Server:icu-0:3.6-5.11.1.ppc",
"5Server:icu-0:3.6-5.11.1.s390x",
"5Server:icu-0:3.6-5.11.1.src",
"5Server:icu-0:3.6-5.11.1.x86_64",
"5Server:icu-debuginfo-0:3.6-5.11.1.i386",
"5Server:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Server:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Server:libicu-0:3.6-5.11.1.i386",
"5Server:libicu-0:3.6-5.11.1.ia64",
"5Server:libicu-0:3.6-5.11.1.ppc",
"5Server:libicu-0:3.6-5.11.1.ppc64",
"5Server:libicu-0:3.6-5.11.1.s390",
"5Server:libicu-0:3.6-5.11.1.s390x",
"5Server:libicu-0:3.6-5.11.1.x86_64",
"5Server:libicu-devel-0:3.6-5.11.1.i386",
"5Server:libicu-devel-0:3.6-5.11.1.ia64",
"5Server:libicu-devel-0:3.6-5.11.1.ppc",
"5Server:libicu-devel-0:3.6-5.11.1.ppc64",
"5Server:libicu-devel-0:3.6-5.11.1.s390",
"5Server:libicu-devel-0:3.6-5.11.1.s390x",
"5Server:libicu-devel-0:3.6-5.11.1.x86_64",
"5Server:libicu-doc-0:3.6-5.11.1.i386",
"5Server:libicu-doc-0:3.6-5.11.1.ia64",
"5Server:libicu-doc-0:3.6-5.11.1.ppc",
"5Server:libicu-doc-0:3.6-5.11.1.s390x",
"5Server:libicu-doc-0:3.6-5.11.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-4770"
},
{
"category": "external",
"summary": "RHBZ#429023",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-4770",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4770"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-4770",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4770"
}
],
"release_date": "2008-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-01-25T13:28:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Client-Workstation:icu-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-0:3.6-5.11.1.src",
"5Client-Workstation:icu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64",
"5Client:icu-0:3.6-5.11.1.i386",
"5Client:icu-0:3.6-5.11.1.ia64",
"5Client:icu-0:3.6-5.11.1.ppc",
"5Client:icu-0:3.6-5.11.1.s390x",
"5Client:icu-0:3.6-5.11.1.src",
"5Client:icu-0:3.6-5.11.1.x86_64",
"5Client:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client:libicu-0:3.6-5.11.1.i386",
"5Client:libicu-0:3.6-5.11.1.ia64",
"5Client:libicu-0:3.6-5.11.1.ppc",
"5Client:libicu-0:3.6-5.11.1.ppc64",
"5Client:libicu-0:3.6-5.11.1.s390",
"5Client:libicu-0:3.6-5.11.1.s390x",
"5Client:libicu-0:3.6-5.11.1.x86_64",
"5Client:libicu-devel-0:3.6-5.11.1.i386",
"5Client:libicu-devel-0:3.6-5.11.1.ia64",
"5Client:libicu-devel-0:3.6-5.11.1.ppc",
"5Client:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client:libicu-devel-0:3.6-5.11.1.s390",
"5Client:libicu-devel-0:3.6-5.11.1.s390x",
"5Client:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client:libicu-doc-0:3.6-5.11.1.i386",
"5Client:libicu-doc-0:3.6-5.11.1.ia64",
"5Client:libicu-doc-0:3.6-5.11.1.ppc",
"5Client:libicu-doc-0:3.6-5.11.1.s390x",
"5Client:libicu-doc-0:3.6-5.11.1.x86_64",
"5Server:icu-0:3.6-5.11.1.i386",
"5Server:icu-0:3.6-5.11.1.ia64",
"5Server:icu-0:3.6-5.11.1.ppc",
"5Server:icu-0:3.6-5.11.1.s390x",
"5Server:icu-0:3.6-5.11.1.src",
"5Server:icu-0:3.6-5.11.1.x86_64",
"5Server:icu-debuginfo-0:3.6-5.11.1.i386",
"5Server:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Server:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Server:libicu-0:3.6-5.11.1.i386",
"5Server:libicu-0:3.6-5.11.1.ia64",
"5Server:libicu-0:3.6-5.11.1.ppc",
"5Server:libicu-0:3.6-5.11.1.ppc64",
"5Server:libicu-0:3.6-5.11.1.s390",
"5Server:libicu-0:3.6-5.11.1.s390x",
"5Server:libicu-0:3.6-5.11.1.x86_64",
"5Server:libicu-devel-0:3.6-5.11.1.i386",
"5Server:libicu-devel-0:3.6-5.11.1.ia64",
"5Server:libicu-devel-0:3.6-5.11.1.ppc",
"5Server:libicu-devel-0:3.6-5.11.1.ppc64",
"5Server:libicu-devel-0:3.6-5.11.1.s390",
"5Server:libicu-devel-0:3.6-5.11.1.s390x",
"5Server:libicu-devel-0:3.6-5.11.1.x86_64",
"5Server:libicu-doc-0:3.6-5.11.1.i386",
"5Server:libicu-doc-0:3.6-5.11.1.ia64",
"5Server:libicu-doc-0:3.6-5.11.1.ppc",
"5Server:libicu-doc-0:3.6-5.11.1.s390x",
"5Server:libicu-doc-0:3.6-5.11.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0090"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libicu poor back reference validation"
},
{
"cve": "CVE-2007-4771",
"discovery_date": "2008-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "429025"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libicu incomplete interval handling",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:icu-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-0:3.6-5.11.1.src",
"5Client-Workstation:icu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64",
"5Client:icu-0:3.6-5.11.1.i386",
"5Client:icu-0:3.6-5.11.1.ia64",
"5Client:icu-0:3.6-5.11.1.ppc",
"5Client:icu-0:3.6-5.11.1.s390x",
"5Client:icu-0:3.6-5.11.1.src",
"5Client:icu-0:3.6-5.11.1.x86_64",
"5Client:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client:libicu-0:3.6-5.11.1.i386",
"5Client:libicu-0:3.6-5.11.1.ia64",
"5Client:libicu-0:3.6-5.11.1.ppc",
"5Client:libicu-0:3.6-5.11.1.ppc64",
"5Client:libicu-0:3.6-5.11.1.s390",
"5Client:libicu-0:3.6-5.11.1.s390x",
"5Client:libicu-0:3.6-5.11.1.x86_64",
"5Client:libicu-devel-0:3.6-5.11.1.i386",
"5Client:libicu-devel-0:3.6-5.11.1.ia64",
"5Client:libicu-devel-0:3.6-5.11.1.ppc",
"5Client:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client:libicu-devel-0:3.6-5.11.1.s390",
"5Client:libicu-devel-0:3.6-5.11.1.s390x",
"5Client:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client:libicu-doc-0:3.6-5.11.1.i386",
"5Client:libicu-doc-0:3.6-5.11.1.ia64",
"5Client:libicu-doc-0:3.6-5.11.1.ppc",
"5Client:libicu-doc-0:3.6-5.11.1.s390x",
"5Client:libicu-doc-0:3.6-5.11.1.x86_64",
"5Server:icu-0:3.6-5.11.1.i386",
"5Server:icu-0:3.6-5.11.1.ia64",
"5Server:icu-0:3.6-5.11.1.ppc",
"5Server:icu-0:3.6-5.11.1.s390x",
"5Server:icu-0:3.6-5.11.1.src",
"5Server:icu-0:3.6-5.11.1.x86_64",
"5Server:icu-debuginfo-0:3.6-5.11.1.i386",
"5Server:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Server:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Server:libicu-0:3.6-5.11.1.i386",
"5Server:libicu-0:3.6-5.11.1.ia64",
"5Server:libicu-0:3.6-5.11.1.ppc",
"5Server:libicu-0:3.6-5.11.1.ppc64",
"5Server:libicu-0:3.6-5.11.1.s390",
"5Server:libicu-0:3.6-5.11.1.s390x",
"5Server:libicu-0:3.6-5.11.1.x86_64",
"5Server:libicu-devel-0:3.6-5.11.1.i386",
"5Server:libicu-devel-0:3.6-5.11.1.ia64",
"5Server:libicu-devel-0:3.6-5.11.1.ppc",
"5Server:libicu-devel-0:3.6-5.11.1.ppc64",
"5Server:libicu-devel-0:3.6-5.11.1.s390",
"5Server:libicu-devel-0:3.6-5.11.1.s390x",
"5Server:libicu-devel-0:3.6-5.11.1.x86_64",
"5Server:libicu-doc-0:3.6-5.11.1.i386",
"5Server:libicu-doc-0:3.6-5.11.1.ia64",
"5Server:libicu-doc-0:3.6-5.11.1.ppc",
"5Server:libicu-doc-0:3.6-5.11.1.s390x",
"5Server:libicu-doc-0:3.6-5.11.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-4771"
},
{
"category": "external",
"summary": "RHBZ#429025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429025"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-4771",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4771"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-4771",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4771"
}
],
"release_date": "2008-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-01-25T13:28:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Client-Workstation:icu-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-0:3.6-5.11.1.src",
"5Client-Workstation:icu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64",
"5Client:icu-0:3.6-5.11.1.i386",
"5Client:icu-0:3.6-5.11.1.ia64",
"5Client:icu-0:3.6-5.11.1.ppc",
"5Client:icu-0:3.6-5.11.1.s390x",
"5Client:icu-0:3.6-5.11.1.src",
"5Client:icu-0:3.6-5.11.1.x86_64",
"5Client:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client:libicu-0:3.6-5.11.1.i386",
"5Client:libicu-0:3.6-5.11.1.ia64",
"5Client:libicu-0:3.6-5.11.1.ppc",
"5Client:libicu-0:3.6-5.11.1.ppc64",
"5Client:libicu-0:3.6-5.11.1.s390",
"5Client:libicu-0:3.6-5.11.1.s390x",
"5Client:libicu-0:3.6-5.11.1.x86_64",
"5Client:libicu-devel-0:3.6-5.11.1.i386",
"5Client:libicu-devel-0:3.6-5.11.1.ia64",
"5Client:libicu-devel-0:3.6-5.11.1.ppc",
"5Client:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client:libicu-devel-0:3.6-5.11.1.s390",
"5Client:libicu-devel-0:3.6-5.11.1.s390x",
"5Client:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client:libicu-doc-0:3.6-5.11.1.i386",
"5Client:libicu-doc-0:3.6-5.11.1.ia64",
"5Client:libicu-doc-0:3.6-5.11.1.ppc",
"5Client:libicu-doc-0:3.6-5.11.1.s390x",
"5Client:libicu-doc-0:3.6-5.11.1.x86_64",
"5Server:icu-0:3.6-5.11.1.i386",
"5Server:icu-0:3.6-5.11.1.ia64",
"5Server:icu-0:3.6-5.11.1.ppc",
"5Server:icu-0:3.6-5.11.1.s390x",
"5Server:icu-0:3.6-5.11.1.src",
"5Server:icu-0:3.6-5.11.1.x86_64",
"5Server:icu-debuginfo-0:3.6-5.11.1.i386",
"5Server:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Server:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Server:libicu-0:3.6-5.11.1.i386",
"5Server:libicu-0:3.6-5.11.1.ia64",
"5Server:libicu-0:3.6-5.11.1.ppc",
"5Server:libicu-0:3.6-5.11.1.ppc64",
"5Server:libicu-0:3.6-5.11.1.s390",
"5Server:libicu-0:3.6-5.11.1.s390x",
"5Server:libicu-0:3.6-5.11.1.x86_64",
"5Server:libicu-devel-0:3.6-5.11.1.i386",
"5Server:libicu-devel-0:3.6-5.11.1.ia64",
"5Server:libicu-devel-0:3.6-5.11.1.ppc",
"5Server:libicu-devel-0:3.6-5.11.1.ppc64",
"5Server:libicu-devel-0:3.6-5.11.1.s390",
"5Server:libicu-devel-0:3.6-5.11.1.s390x",
"5Server:libicu-devel-0:3.6-5.11.1.x86_64",
"5Server:libicu-doc-0:3.6-5.11.1.i386",
"5Server:libicu-doc-0:3.6-5.11.1.ia64",
"5Server:libicu-doc-0:3.6-5.11.1.ppc",
"5Server:libicu-doc-0:3.6-5.11.1.s390x",
"5Server:libicu-doc-0:3.6-5.11.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0090"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libicu incomplete interval handling"
}
]
}
RHSA-2008_0090
Vulnerability from csaf_redhat - Published: 2008-01-25 13:28 - Updated: 2024-11-22 01:46Summary
Red Hat Security Advisory: icu security update
Severity
Important
Notes
Topic: Updated icu packages that fix two security issues are now available for Red
Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details: The International Components for Unicode (ICU) library provides robust and
full-featured Unicode services.
Will Drewry reported multiple flaws in the way libicu processed certain
malformed regular expressions. If an application linked against ICU, such
as OpenOffice.org, processed a carefully crafted regular expression, it may
be possible to execute arbitrary code as the user running the application.
(CVE-2007-4770, CVE-2007-4771)
All users of icu should upgrade to these updated packages, which contain
backported patches to resolve these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:icu-debuginfo-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-devel-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:libicu-doc-0:3.6-5.11.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
13 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2008:0090 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=429023 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=429025 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2007-4770 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=429023 | external |
| https://www.cve.org/CVERecord?id=CVE-2007-4770 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2007-4770 | external |
| https://access.redhat.com/security/cve/CVE-2007-4771 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=429025 | external |
| https://www.cve.org/CVERecord?id=CVE-2007-4771 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2007-4771 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated icu packages that fix two security issues are now available for Red\nHat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The International Components for Unicode (ICU) library provides robust and\nfull-featured Unicode services.\n\nWill Drewry reported multiple flaws in the way libicu processed certain\nmalformed regular expressions. If an application linked against ICU, such\nas OpenOffice.org, processed a carefully crafted regular expression, it may\nbe possible to execute arbitrary code as the user running the application.\n(CVE-2007-4770, CVE-2007-4771)\n\nAll users of icu should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0090",
"url": "https://access.redhat.com/errata/RHSA-2008:0090"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "429023",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"category": "external",
"summary": "429025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429025"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0090.json"
}
],
"title": "Red Hat Security Advisory: icu security update",
"tracking": {
"current_release_date": "2024-11-22T01:46:54+00:00",
"generator": {
"date": "2024-11-22T01:46:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2008:0090",
"initial_release_date": "2008-01-25T13:28:00+00:00",
"revision_history": [
{
"date": "2008-01-25T13:28:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-01-25T08:28:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T01:46:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.src",
"product": {
"name": "icu-0:3.6-5.11.1.src",
"product_id": "icu-0:3.6-5.11.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.x86_64",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.x86_64",
"product_id": "libicu-devel-0:3.6-5.11.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"product_id": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.x86_64",
"product": {
"name": "icu-0:3.6-5.11.1.x86_64",
"product_id": "icu-0:3.6-5.11.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libicu-doc-0:3.6-5.11.1.x86_64",
"product": {
"name": "libicu-doc-0:3.6-5.11.1.x86_64",
"product_id": "libicu-doc-0:3.6-5.11.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-doc@3.6-5.11.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.x86_64",
"product": {
"name": "libicu-0:3.6-5.11.1.x86_64",
"product_id": "libicu-0:3.6-5.11.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.i386",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.i386",
"product_id": "libicu-devel-0:3.6-5.11.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.i386",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.i386",
"product_id": "icu-debuginfo-0:3.6-5.11.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.i386",
"product": {
"name": "libicu-0:3.6-5.11.1.i386",
"product_id": "libicu-0:3.6-5.11.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.i386",
"product": {
"name": "icu-0:3.6-5.11.1.i386",
"product_id": "icu-0:3.6-5.11.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libicu-doc-0:3.6-5.11.1.i386",
"product": {
"name": "libicu-doc-0:3.6-5.11.1.i386",
"product_id": "libicu-doc-0:3.6-5.11.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-doc@3.6-5.11.1?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.ia64",
"product": {
"name": "icu-0:3.6-5.11.1.ia64",
"product_id": "icu-0:3.6-5.11.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.ia64",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.ia64",
"product_id": "libicu-devel-0:3.6-5.11.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.ia64",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.ia64",
"product_id": "icu-debuginfo-0:3.6-5.11.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libicu-doc-0:3.6-5.11.1.ia64",
"product": {
"name": "libicu-doc-0:3.6-5.11.1.ia64",
"product_id": "libicu-doc-0:3.6-5.11.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-doc@3.6-5.11.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.ia64",
"product": {
"name": "libicu-0:3.6-5.11.1.ia64",
"product_id": "libicu-0:3.6-5.11.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.ppc",
"product": {
"name": "icu-0:3.6-5.11.1.ppc",
"product_id": "icu-0:3.6-5.11.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.ppc",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.ppc",
"product_id": "libicu-devel-0:3.6-5.11.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.ppc",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc",
"product_id": "icu-debuginfo-0:3.6-5.11.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libicu-doc-0:3.6-5.11.1.ppc",
"product": {
"name": "libicu-doc-0:3.6-5.11.1.ppc",
"product_id": "libicu-doc-0:3.6-5.11.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-doc@3.6-5.11.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.ppc",
"product": {
"name": "libicu-0:3.6-5.11.1.ppc",
"product_id": "libicu-0:3.6-5.11.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.ppc64",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.ppc64",
"product_id": "libicu-devel-0:3.6-5.11.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"product_id": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.ppc64",
"product": {
"name": "libicu-0:3.6-5.11.1.ppc64",
"product_id": "libicu-0:3.6-5.11.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "icu-0:3.6-5.11.1.s390x",
"product": {
"name": "icu-0:3.6-5.11.1.s390x",
"product_id": "icu-0:3.6-5.11.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu@3.6-5.11.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.s390x",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.s390x",
"product_id": "libicu-devel-0:3.6-5.11.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.s390x",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390x",
"product_id": "icu-debuginfo-0:3.6-5.11.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libicu-doc-0:3.6-5.11.1.s390x",
"product": {
"name": "libicu-doc-0:3.6-5.11.1.s390x",
"product_id": "libicu-doc-0:3.6-5.11.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-doc@3.6-5.11.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.s390x",
"product": {
"name": "libicu-0:3.6-5.11.1.s390x",
"product_id": "libicu-0:3.6-5.11.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libicu-devel-0:3.6-5.11.1.s390",
"product": {
"name": "libicu-devel-0:3.6-5.11.1.s390",
"product_id": "libicu-devel-0:3.6-5.11.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu-devel@3.6-5.11.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "icu-debuginfo-0:3.6-5.11.1.s390",
"product": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390",
"product_id": "icu-debuginfo-0:3.6-5.11.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/icu-debuginfo@3.6-5.11.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libicu-0:3.6-5.11.1.s390",
"product": {
"name": "libicu-0:3.6-5.11.1.s390",
"product_id": "libicu-0:3.6-5.11.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libicu@3.6-5.11.1?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.i386"
},
"product_reference": "icu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.src"
},
"product_reference": "icu-0:3.6-5.11.1.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.i386"
},
"product_reference": "icu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.src"
},
"product_reference": "icu-0:3.6-5.11.1.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.i386"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.ppc64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.s390"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:icu-debuginfo-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-devel-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-doc-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-doc-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-doc-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-doc-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libicu-doc-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.i386"
},
"product_reference": "icu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.src"
},
"product_reference": "icu-0:3.6-5.11.1.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.i386"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.ia64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.ppc"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.ppc64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.s390"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.s390x"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icu-debuginfo-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:icu-debuginfo-0:3.6-5.11.1.x86_64"
},
"product_reference": "icu-debuginfo-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.ppc64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.s390"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-devel-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-devel-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-devel-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-doc-0:3.6-5.11.1.i386"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-doc-0:3.6-5.11.1.ia64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-doc-0:3.6-5.11.1.ppc"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-doc-0:3.6-5.11.1.s390x"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libicu-doc-0:3.6-5.11.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libicu-doc-0:3.6-5.11.1.x86_64"
},
"product_reference": "libicu-doc-0:3.6-5.11.1.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2007-4770",
"discovery_date": "2008-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "429023"
}
],
"notes": [
{
"category": "description",
"text": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libicu poor back reference validation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:icu-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-0:3.6-5.11.1.src",
"5Client-Workstation:icu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64",
"5Client:icu-0:3.6-5.11.1.i386",
"5Client:icu-0:3.6-5.11.1.ia64",
"5Client:icu-0:3.6-5.11.1.ppc",
"5Client:icu-0:3.6-5.11.1.s390x",
"5Client:icu-0:3.6-5.11.1.src",
"5Client:icu-0:3.6-5.11.1.x86_64",
"5Client:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client:libicu-0:3.6-5.11.1.i386",
"5Client:libicu-0:3.6-5.11.1.ia64",
"5Client:libicu-0:3.6-5.11.1.ppc",
"5Client:libicu-0:3.6-5.11.1.ppc64",
"5Client:libicu-0:3.6-5.11.1.s390",
"5Client:libicu-0:3.6-5.11.1.s390x",
"5Client:libicu-0:3.6-5.11.1.x86_64",
"5Client:libicu-devel-0:3.6-5.11.1.i386",
"5Client:libicu-devel-0:3.6-5.11.1.ia64",
"5Client:libicu-devel-0:3.6-5.11.1.ppc",
"5Client:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client:libicu-devel-0:3.6-5.11.1.s390",
"5Client:libicu-devel-0:3.6-5.11.1.s390x",
"5Client:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client:libicu-doc-0:3.6-5.11.1.i386",
"5Client:libicu-doc-0:3.6-5.11.1.ia64",
"5Client:libicu-doc-0:3.6-5.11.1.ppc",
"5Client:libicu-doc-0:3.6-5.11.1.s390x",
"5Client:libicu-doc-0:3.6-5.11.1.x86_64",
"5Server:icu-0:3.6-5.11.1.i386",
"5Server:icu-0:3.6-5.11.1.ia64",
"5Server:icu-0:3.6-5.11.1.ppc",
"5Server:icu-0:3.6-5.11.1.s390x",
"5Server:icu-0:3.6-5.11.1.src",
"5Server:icu-0:3.6-5.11.1.x86_64",
"5Server:icu-debuginfo-0:3.6-5.11.1.i386",
"5Server:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Server:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Server:libicu-0:3.6-5.11.1.i386",
"5Server:libicu-0:3.6-5.11.1.ia64",
"5Server:libicu-0:3.6-5.11.1.ppc",
"5Server:libicu-0:3.6-5.11.1.ppc64",
"5Server:libicu-0:3.6-5.11.1.s390",
"5Server:libicu-0:3.6-5.11.1.s390x",
"5Server:libicu-0:3.6-5.11.1.x86_64",
"5Server:libicu-devel-0:3.6-5.11.1.i386",
"5Server:libicu-devel-0:3.6-5.11.1.ia64",
"5Server:libicu-devel-0:3.6-5.11.1.ppc",
"5Server:libicu-devel-0:3.6-5.11.1.ppc64",
"5Server:libicu-devel-0:3.6-5.11.1.s390",
"5Server:libicu-devel-0:3.6-5.11.1.s390x",
"5Server:libicu-devel-0:3.6-5.11.1.x86_64",
"5Server:libicu-doc-0:3.6-5.11.1.i386",
"5Server:libicu-doc-0:3.6-5.11.1.ia64",
"5Server:libicu-doc-0:3.6-5.11.1.ppc",
"5Server:libicu-doc-0:3.6-5.11.1.s390x",
"5Server:libicu-doc-0:3.6-5.11.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-4770"
},
{
"category": "external",
"summary": "RHBZ#429023",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-4770",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4770"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-4770",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4770"
}
],
"release_date": "2008-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-01-25T13:28:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Client-Workstation:icu-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-0:3.6-5.11.1.src",
"5Client-Workstation:icu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64",
"5Client:icu-0:3.6-5.11.1.i386",
"5Client:icu-0:3.6-5.11.1.ia64",
"5Client:icu-0:3.6-5.11.1.ppc",
"5Client:icu-0:3.6-5.11.1.s390x",
"5Client:icu-0:3.6-5.11.1.src",
"5Client:icu-0:3.6-5.11.1.x86_64",
"5Client:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client:libicu-0:3.6-5.11.1.i386",
"5Client:libicu-0:3.6-5.11.1.ia64",
"5Client:libicu-0:3.6-5.11.1.ppc",
"5Client:libicu-0:3.6-5.11.1.ppc64",
"5Client:libicu-0:3.6-5.11.1.s390",
"5Client:libicu-0:3.6-5.11.1.s390x",
"5Client:libicu-0:3.6-5.11.1.x86_64",
"5Client:libicu-devel-0:3.6-5.11.1.i386",
"5Client:libicu-devel-0:3.6-5.11.1.ia64",
"5Client:libicu-devel-0:3.6-5.11.1.ppc",
"5Client:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client:libicu-devel-0:3.6-5.11.1.s390",
"5Client:libicu-devel-0:3.6-5.11.1.s390x",
"5Client:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client:libicu-doc-0:3.6-5.11.1.i386",
"5Client:libicu-doc-0:3.6-5.11.1.ia64",
"5Client:libicu-doc-0:3.6-5.11.1.ppc",
"5Client:libicu-doc-0:3.6-5.11.1.s390x",
"5Client:libicu-doc-0:3.6-5.11.1.x86_64",
"5Server:icu-0:3.6-5.11.1.i386",
"5Server:icu-0:3.6-5.11.1.ia64",
"5Server:icu-0:3.6-5.11.1.ppc",
"5Server:icu-0:3.6-5.11.1.s390x",
"5Server:icu-0:3.6-5.11.1.src",
"5Server:icu-0:3.6-5.11.1.x86_64",
"5Server:icu-debuginfo-0:3.6-5.11.1.i386",
"5Server:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Server:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Server:libicu-0:3.6-5.11.1.i386",
"5Server:libicu-0:3.6-5.11.1.ia64",
"5Server:libicu-0:3.6-5.11.1.ppc",
"5Server:libicu-0:3.6-5.11.1.ppc64",
"5Server:libicu-0:3.6-5.11.1.s390",
"5Server:libicu-0:3.6-5.11.1.s390x",
"5Server:libicu-0:3.6-5.11.1.x86_64",
"5Server:libicu-devel-0:3.6-5.11.1.i386",
"5Server:libicu-devel-0:3.6-5.11.1.ia64",
"5Server:libicu-devel-0:3.6-5.11.1.ppc",
"5Server:libicu-devel-0:3.6-5.11.1.ppc64",
"5Server:libicu-devel-0:3.6-5.11.1.s390",
"5Server:libicu-devel-0:3.6-5.11.1.s390x",
"5Server:libicu-devel-0:3.6-5.11.1.x86_64",
"5Server:libicu-doc-0:3.6-5.11.1.i386",
"5Server:libicu-doc-0:3.6-5.11.1.ia64",
"5Server:libicu-doc-0:3.6-5.11.1.ppc",
"5Server:libicu-doc-0:3.6-5.11.1.s390x",
"5Server:libicu-doc-0:3.6-5.11.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0090"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libicu poor back reference validation"
},
{
"cve": "CVE-2007-4771",
"discovery_date": "2008-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "429025"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libicu incomplete interval handling",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:icu-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-0:3.6-5.11.1.src",
"5Client-Workstation:icu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64",
"5Client:icu-0:3.6-5.11.1.i386",
"5Client:icu-0:3.6-5.11.1.ia64",
"5Client:icu-0:3.6-5.11.1.ppc",
"5Client:icu-0:3.6-5.11.1.s390x",
"5Client:icu-0:3.6-5.11.1.src",
"5Client:icu-0:3.6-5.11.1.x86_64",
"5Client:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client:libicu-0:3.6-5.11.1.i386",
"5Client:libicu-0:3.6-5.11.1.ia64",
"5Client:libicu-0:3.6-5.11.1.ppc",
"5Client:libicu-0:3.6-5.11.1.ppc64",
"5Client:libicu-0:3.6-5.11.1.s390",
"5Client:libicu-0:3.6-5.11.1.s390x",
"5Client:libicu-0:3.6-5.11.1.x86_64",
"5Client:libicu-devel-0:3.6-5.11.1.i386",
"5Client:libicu-devel-0:3.6-5.11.1.ia64",
"5Client:libicu-devel-0:3.6-5.11.1.ppc",
"5Client:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client:libicu-devel-0:3.6-5.11.1.s390",
"5Client:libicu-devel-0:3.6-5.11.1.s390x",
"5Client:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client:libicu-doc-0:3.6-5.11.1.i386",
"5Client:libicu-doc-0:3.6-5.11.1.ia64",
"5Client:libicu-doc-0:3.6-5.11.1.ppc",
"5Client:libicu-doc-0:3.6-5.11.1.s390x",
"5Client:libicu-doc-0:3.6-5.11.1.x86_64",
"5Server:icu-0:3.6-5.11.1.i386",
"5Server:icu-0:3.6-5.11.1.ia64",
"5Server:icu-0:3.6-5.11.1.ppc",
"5Server:icu-0:3.6-5.11.1.s390x",
"5Server:icu-0:3.6-5.11.1.src",
"5Server:icu-0:3.6-5.11.1.x86_64",
"5Server:icu-debuginfo-0:3.6-5.11.1.i386",
"5Server:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Server:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Server:libicu-0:3.6-5.11.1.i386",
"5Server:libicu-0:3.6-5.11.1.ia64",
"5Server:libicu-0:3.6-5.11.1.ppc",
"5Server:libicu-0:3.6-5.11.1.ppc64",
"5Server:libicu-0:3.6-5.11.1.s390",
"5Server:libicu-0:3.6-5.11.1.s390x",
"5Server:libicu-0:3.6-5.11.1.x86_64",
"5Server:libicu-devel-0:3.6-5.11.1.i386",
"5Server:libicu-devel-0:3.6-5.11.1.ia64",
"5Server:libicu-devel-0:3.6-5.11.1.ppc",
"5Server:libicu-devel-0:3.6-5.11.1.ppc64",
"5Server:libicu-devel-0:3.6-5.11.1.s390",
"5Server:libicu-devel-0:3.6-5.11.1.s390x",
"5Server:libicu-devel-0:3.6-5.11.1.x86_64",
"5Server:libicu-doc-0:3.6-5.11.1.i386",
"5Server:libicu-doc-0:3.6-5.11.1.ia64",
"5Server:libicu-doc-0:3.6-5.11.1.ppc",
"5Server:libicu-doc-0:3.6-5.11.1.s390x",
"5Server:libicu-doc-0:3.6-5.11.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-4771"
},
{
"category": "external",
"summary": "RHBZ#429025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429025"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-4771",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4771"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-4771",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4771"
}
],
"release_date": "2008-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-01-25T13:28:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Client-Workstation:icu-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-0:3.6-5.11.1.src",
"5Client-Workstation:icu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client-Workstation:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.i386",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ia64",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.ppc",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.s390x",
"5Client-Workstation:libicu-doc-0:3.6-5.11.1.x86_64",
"5Client:icu-0:3.6-5.11.1.i386",
"5Client:icu-0:3.6-5.11.1.ia64",
"5Client:icu-0:3.6-5.11.1.ppc",
"5Client:icu-0:3.6-5.11.1.s390x",
"5Client:icu-0:3.6-5.11.1.src",
"5Client:icu-0:3.6-5.11.1.x86_64",
"5Client:icu-debuginfo-0:3.6-5.11.1.i386",
"5Client:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Client:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390",
"5Client:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Client:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Client:libicu-0:3.6-5.11.1.i386",
"5Client:libicu-0:3.6-5.11.1.ia64",
"5Client:libicu-0:3.6-5.11.1.ppc",
"5Client:libicu-0:3.6-5.11.1.ppc64",
"5Client:libicu-0:3.6-5.11.1.s390",
"5Client:libicu-0:3.6-5.11.1.s390x",
"5Client:libicu-0:3.6-5.11.1.x86_64",
"5Client:libicu-devel-0:3.6-5.11.1.i386",
"5Client:libicu-devel-0:3.6-5.11.1.ia64",
"5Client:libicu-devel-0:3.6-5.11.1.ppc",
"5Client:libicu-devel-0:3.6-5.11.1.ppc64",
"5Client:libicu-devel-0:3.6-5.11.1.s390",
"5Client:libicu-devel-0:3.6-5.11.1.s390x",
"5Client:libicu-devel-0:3.6-5.11.1.x86_64",
"5Client:libicu-doc-0:3.6-5.11.1.i386",
"5Client:libicu-doc-0:3.6-5.11.1.ia64",
"5Client:libicu-doc-0:3.6-5.11.1.ppc",
"5Client:libicu-doc-0:3.6-5.11.1.s390x",
"5Client:libicu-doc-0:3.6-5.11.1.x86_64",
"5Server:icu-0:3.6-5.11.1.i386",
"5Server:icu-0:3.6-5.11.1.ia64",
"5Server:icu-0:3.6-5.11.1.ppc",
"5Server:icu-0:3.6-5.11.1.s390x",
"5Server:icu-0:3.6-5.11.1.src",
"5Server:icu-0:3.6-5.11.1.x86_64",
"5Server:icu-debuginfo-0:3.6-5.11.1.i386",
"5Server:icu-debuginfo-0:3.6-5.11.1.ia64",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc",
"5Server:icu-debuginfo-0:3.6-5.11.1.ppc64",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390",
"5Server:icu-debuginfo-0:3.6-5.11.1.s390x",
"5Server:icu-debuginfo-0:3.6-5.11.1.x86_64",
"5Server:libicu-0:3.6-5.11.1.i386",
"5Server:libicu-0:3.6-5.11.1.ia64",
"5Server:libicu-0:3.6-5.11.1.ppc",
"5Server:libicu-0:3.6-5.11.1.ppc64",
"5Server:libicu-0:3.6-5.11.1.s390",
"5Server:libicu-0:3.6-5.11.1.s390x",
"5Server:libicu-0:3.6-5.11.1.x86_64",
"5Server:libicu-devel-0:3.6-5.11.1.i386",
"5Server:libicu-devel-0:3.6-5.11.1.ia64",
"5Server:libicu-devel-0:3.6-5.11.1.ppc",
"5Server:libicu-devel-0:3.6-5.11.1.ppc64",
"5Server:libicu-devel-0:3.6-5.11.1.s390",
"5Server:libicu-devel-0:3.6-5.11.1.s390x",
"5Server:libicu-devel-0:3.6-5.11.1.x86_64",
"5Server:libicu-doc-0:3.6-5.11.1.i386",
"5Server:libicu-doc-0:3.6-5.11.1.ia64",
"5Server:libicu-doc-0:3.6-5.11.1.ppc",
"5Server:libicu-doc-0:3.6-5.11.1.s390x",
"5Server:libicu-doc-0:3.6-5.11.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0090"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libicu incomplete interval handling"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…