FrSIRT - Mandriva Security Update Fixes ICU Regular Expressions Vulnerabilities / Exploit

French Security Incident Response Team

Français

English

Mandriva Security Update Fixes ICU Regular Expressions Vulnerabilities

Date de Publication : 2008-01-28 © FrSIRT.COM
Titre : Mandriva Security Update Fixes ICU Regular Expressions Vulnerabilities
Identifiant : FrSIRT/AVIS-2008-0285
CVE ID : CVE-2007-4770 - CVE-2007-4771
Risque : Modéré (2/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Plusieurs vulnérabilités ont été identifiées dans Mandriva, elles pourraient être exploitées par des attaquants afin de causer un déni de service ou compromettre un système vulnérable [...]

Solution

Installer les mises à jour :

Mandriva Linux 2008.0:
7be8d05368f1df77edc94bb834c714cd 2008.0/i586/icu-3.6-4.1mdv2008.0.i586.rpm
ef3398e874daf8e90a2ba7ac7905ee0c 2008.0/i586/icu-doc-3.6-4.1mdv2008.0.i586.rpm
119907c5156b986a7416e5bd408d671a 2008.0/i586/libicu-devel-3.6-4.1mdv2008.0.i586.rpm
5838818d204a452c9017212829c4028d 2008.0/i586/libicu36-3.6-4.1mdv2008.0.i586.rpm
01bf753e38adbdefc214f39ddc075fea 2008.0/SRPMS/icu-3.6-4.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
b95b013d629d556d89e6330407111615 2008.0/x86_64/icu-3.6-4.1mdv2008.0.x86_64.rpm
169020a3e5467ac5d0f63b7224fe9e38 2008.0/x86_64/icu-doc-3.6-4.1mdv2008.0.x86_64.rpm
896c989a753a991b0aa4f41b3ca35b30 2008.0/x86_64/lib64icu-devel-3.6-4.1mdv2008.0.x86_64.rpm
8fb71c76ca95a77d7a37602a29e044e6 2008.0/x86_64/lib64icu36-3.6-4.1mdv2008.0.x86_64.rpm
01bf753e38adbdefc214f39ddc075fea 2008.0/SRPMS/icu-3.6-4.1mdv2008.0.src.rpm

Historique

2008-01-28 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Apple Mac OS X Command Execution Vulnerabilities
	Apple Safari for Mac OS X Remote Code Execution Vulnerability
	Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability
	Apple Safari Code Execution and Information Disclosure Vulnerabilities
	Apple QuickTime Multiple File Handling Code Execution Vulnerabilities
	Apple Safari for Windows Remote Code Execution Vulnerability
	Apple Mac OS X Command Execution Vulnerabilities

	Sun Solaris Tomcat JSP/Servlet Container Multiple Vulnerabilities
	Sun Java System Access Manager XSLT Code Execution Vulnerability
	Sun Solaris 10 Adobe Reader Multiple Code Execution Vulnerabilities
	Sun Solaris "snmpXdmid" Packet Handling Denial of Service Vulnerability
	Sun Solaris FreeType2 Library Multiple Memory Corruption Vulnerabilities
	Sun Java System Calendar Server Denial of Service Vulnerability
	Sun Solaris SMA SNMPv3 Authentication Bypass Vulnerability

	Mozilla Products Remote Code Execution Vulnerabilities
	Mozilla Firefox Unspecified Remote Command Execution Vulnerability
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability
	Mozilla Thunderbird Code Execution and Cross Site Scripting Issues
	Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues
	Mozilla Thunderbird Multiple Security Bypass and Code Execution Issues
	Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues