OSVDB ID: 77706

Title: ICU4C i18n/rematch.cpp RegexMatcher::MatchChunkAt Function Out-of-bounds Read Issue

Info

Disclosure

Dec 13, 2011

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Dec 13, 2011

Description

ICU4C contains an out-of-bounds read flaw in the 'RegexMatcher::MatchChunkAt' function in i18n/rematch.cpp when parsing Unicode strings. With a specially crafted string, a context-dependent attacker can cause a crash or potentially disclose memory contents.

Classification

Location: Context Dependent
Impact: Loss of Confidentiality, Loss of Availability
Solution: Third-Party Solution, Solution Unknown
Exploit: Exploit Unknown
Disclosure: Vendor Verified, Coordinated Disclosure
OSVDB: Web Related

Solution

OSVDB is not currently aware of a solution for this vulnerability. Upgrade to Google Chrome version 16.0.912.63 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Google, Inc.

Chrome

15.0.874.121

International Components for Unicode

ICU4C

Unspecified

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/77706