CVE-2014-7923
published 2015-01-22CVE-2014-7923: The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91…
high7.5CVSS 3.0
AVNACLAuNCPIPAP
The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | icu | < icu 52.1-7.1 (bookworm) | icu 52.1-7.1 (bookworm) |
| chrome | <= 40.0.2214.85 | — | |
| icu-project | international_components_for_unicode | < 55.1 | 55.1 |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| oracle | communications_messaging_server | — | — |
| oracle | communications_messaging_server | — | — |
| redhat | enterprise_linux_desktop_supplementary | — | — |
| redhat | enterprise_linux_server_supplementary | — | — |
| redhat | enterprise_linux_server_supplementary_eus | — | — |
| redhat | enterprise_linux_workstation_supplementary | — | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv10.0CRITICAL