2
Candidate: CVE-2007-4771
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771
5
https://usn.ubuntu.com/usn/usn-591-1
7
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in
8
libicu in International Components for Unicode (ICU) 3.8.1 and earlier
9
allows context-dependent attackers to cause a denial of service (memory
10
consumption) and possibly have unspecified other impact via a regular
11
expression that writes a large amount of data to the backtracking stack.
12
NOTE: some of these details are obtained from third party information.
16
https://bugs.launchpad.net/ubuntu/+source/icu/+bug/186578
21
vendor: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:026
22
vendor: https://rhn.redhat.com/errata/RHSA-2008-0090.html
23
vendor: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463688
24
patch: http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com
26
dapper_icu: released (3.4.1a-1ubuntu1.6.06.1)
27
edgy_icu: released (3.4.1a-1ubuntu1.6.10.1)
28
feisty_icu: released (3.6-2ubuntu0.1)
29
gutsy_icu: released (3.6-3ubuntu0.1)
30
devel_icu: not-affected (3.8-6)