Nortel response to Sun Alert 233922 - Multiple Security Vulnerabilities in ICU 3.2 Library Regular Expression Processing
| Description: |
http://sunsolve.sun.com/search/document.do?assetkey=1-66-233922-1 Sun Microsystems has recently issued Sun Alert 233922 - Multiple Security Vulnerabilities in ICU 3.2 Library Regular Expression Processing May Cause a Denial of Service (DoS). This potential vulnerability affects the Solaris 9 and Solaris 10 Operating Systems. Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. This bulletin addresses the following potential vulnerability: Multiple security vulnerabilities in processing regular expressions in the ICU 3.2 library shipped with Solaris may impact applications which make use of this library. Depending on the application, this may allow a local or remote unprivileged user to execute arbitrary code with the privileges of the user running the application via a carefully crafted regular expression which is processed by the application. This may also result in a Denial of Service (DoS) to the application. Additional information regarding these issues is available at: . CVE-2007-4770 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 . CVE-2007-4771 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories |
| Type: |
Security Advisories |
| Number: |
2008008820, Rev 1 |
| Status: |
Retired |
| Date: |
2008-10-17 |
