Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2014-7923

Published: 22/01/2015 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Enterprise Linux Desktop Supplementary

Vulnerability Summary

The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome prior to 40.0.2214.91, allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.

Vulnerable Product Search on Vulmon Subscribe to Product

redhat enterprise linux desktop supplementary 6.0

redhat enterprise linux server supplementary 6.0

redhat enterprise linux workstation supplementary 6.0

redhat enterprise linux server supplementary eus 6.6.z

opensuse opensuse 13.1

opensuse opensuse 13.2

icu-project international components for unicode

oracle communications messaging server 7.0.5

oracle communications messaging server 8.0

canonical ubuntu linux 14.10

canonical ubuntu linux 14.04

google chrome

Vendor Advisories

Red Hat: Important: chromium-browser security update
Synopsis Important: chromium-browser security update Type/Severity Security Advisory: Important Topic Updated chromium-browser packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having Important securityi ...
Debian CVElist Bug Report Logs: icu: CVE-2015-1205 / CVE-2014-9654
Debian Bug report logs - #776719 icu: CVE-2015-1205 / CVE-2014-9654 Package: src:icu; Maintainer for src:icu is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Michael Gilbert <mgilbert@debianorg> Date: Sat, 31 Jan 2015 17:00:11 UTC Severity: serious Tags: patch, security Fixed in version icu/521-71 Done ...
Debian CVElist Bug Report Logs: icu: CVE-2014-6585 out-of-bounds read
Debian Bug report logs - #776264 icu: CVE-2014-6585 out-of-bounds read Package: src:icu; Maintainer for src:icu is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Michael Gilbert <mgilbert@debianorg> Date: Mon, 26 Jan 2015 02:30:02 UTC Severity: important Tags: patch Found in version icu/521-7 Fixed in ver ...
Debian CVElist Bug Report Logs: icu: multiple security issues
Debian Bug report logs - #776265 icu: multiple security issues Package: src:icu; Maintainer for src:icu is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Michael Gilbert <mgilbert@debianorg> Date: Mon, 26 Jan 2015 02:39:02 UTC Severity: important Tags: patch, security Found in version icu/521-7 Fixed in v ...
Ubuntu Security Notice: icu vulnerabilities
ICU could be made to crash or run programs as your login if it processed specially crafted data ...
Ubuntu Security Notice: oxide-qt vulnerabilities
Several security issues were fixed in Oxide ...
Ubuntu Security Notice: icu vulnerabilities
ICU could be made to crash or run programs as your login if it processed specially crafted data ...
Ubuntu Security Notice: icu regression
USN-2522-1 introduced a regression in ICU ...
Red Hat: CVE-2014-7923
The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 400221491, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression ...

References

CWE-17http://secunia.com/advisories/62665https://chromium.googlesource.com/chromium/deps/icu52/+/6242e2fbb36f486f2c0addd1c3cef67fc4ed33fbhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlhttp://googlechromereleases.blogspot.com/2015/01/stable-update.htmlhttp://secunia.com/advisories/62575https://codereview.chromium.org/726973003http://www.ubuntu.com/usn/USN-2476-1http://www.securityfocus.com/bid/72288https://code.google.com/p/chromium/issues/detail?id=430353http://security.gentoo.org/glsa/glsa-201502-13.xmlhttp://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlhttps://security.gentoo.org/glsa/201503-06http://www.securitytracker.com/id/1031623http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.htmlhttp://advisories.mageia.org/MGASA-2015-0047.htmlhttp://bugs.icu-project.org/trac/ticket/11370http://rhn.redhat.com/errata/RHSA-2015-0093.htmlhttp://secunia.com/advisories/62383https://chromium.googlesource.com/chromium/deps/icu52/+/3af4ce5982311035e5f36803d547c0befa576c8chttps://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlhttps://access.redhat.com/errata/RHSA-2015:0093https://nvd.nist.govhttps://usn.ubuntu.com/2522-1/https://access.redhat.com/security/cve/cve-2014-7923
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook