RedHat Update For Icu RHSA-2008:0090-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The International Components for Unicode (ICU) library provides robust and full-featured Unicode services. Will Drewry reported multiple flaws in the way libicu processed certain malformed regular expressions. If an application linked against ICU, such as OpenOffice.org, processed a carefully crafted regular expression, it may be possible to execute arbitrary code as the user running the application. (CVE-2007-4770, CVE-2007-4771) All users of icu should upgrade to these updated packages, which contain backported patches to resolve these issues.

Affected

icu on Red Hat Enterprise Linux (v. 5 server)

References

https://www.redhat.com/archives/rhsa-announce/2008-January/msg00018.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-4770, CVE-2007-4771

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:0444
RedHat Security Advisory RHSA-2009:0001
RedHat Security Advisory RHSA-2009:1081
RedHat Security Advisory RHSA-2009:0430
RedHat Security Advisory RHSA-2009:0410

RedHat Update for icu RHSA-2008:0090-01

Take action and discover your vulnerabilities