What is the severity of CVE-2014-7923?

CVE-2014-7923 has a severity rating that indicates it can lead to remote denial of service due to memory corruption.

How do I fix CVE-2014-7923?

To fix CVE-2014-7923, updating to the latest version of the affected software that addresses the vulnerability is recommended.

Which software is affected by CVE-2014-7923?

CVE-2014-7923 affects various versions of the ICU Regular Expressions package and specific releases of Red Hat Enterprise Linux and openSUSE.

Is my system vulnerable to CVE-2014-7923?

You can determine if your system is vulnerable to CVE-2014-7923 by checking if it runs an affected version of ICU or the listed operating systems.

What type of attacks can be performed using CVE-2014-7923?

CVE-2014-7923 can be exploited to cause denial of service through specially crafted look-behind expressions in regular expressions.

Vulnerability/
CVE-2014-7923

high

7.5

CWE

22/1/2015

6/8/2024

CVE-2014-7923

First published: Thu Jan 22 2015(Updated: )

The Regular Expressions package in International Components for Unicode (ICU) allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.

Credit: cve-coordination@google.com

Affected Software	Affected Version	How to fix
Red Hat Enterprise Linux Desktop	=6.0
Red Hat Enterprise Linux Server Supplementary	=6.0
Red Hat Enterprise Linux Server Supplementary EUS	=6.6.z
Red Hat Enterprise Linux Workstation Supplementary	=6.0
openSUSE	=13.1
openSUSE	=13.2
ICU (International Components for Unicode)	<55.1
Sun iPlanet Messaging Server	=7.0.5
Sun iPlanet Messaging Server	=8.0
Ubuntu	=14.04
Ubuntu	=14.10
Google Chrome	<=40.0.2214.85

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-1073530

Frequently Asked Questions

What is the severity of CVE-2014-7923?
CVE-2014-7923 has a severity rating that indicates it can lead to remote denial of service due to memory corruption.
How do I fix CVE-2014-7923?
To fix CVE-2014-7923, updating to the latest version of the affected software that addresses the vulnerability is recommended.
Which software is affected by CVE-2014-7923?
CVE-2014-7923 affects various versions of the ICU Regular Expressions package and specific releases of Red Hat Enterprise Linux and openSUSE.
Is my system vulnerable to CVE-2014-7923?
You can determine if your system is vulnerable to CVE-2014-7923 by checking if it runs an affected version of ICU or the listed operating systems.
What type of attacks can be performed using CVE-2014-7923?
CVE-2014-7923 can be exploited to cause denial of service through specially crafted look-behind expressions in regular expressions.

agent/references
agent/type
agent/author
agent/severity
agent/weakness
agent/description
collector/ibm-support
source/IBM
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/redhat
canonical/red hat enterprise linux desktop
version/red hat enterprise linux desktop/6.0
canonical/red hat enterprise linux server supplementary
version/red hat enterprise linux server supplementary/6.0
canonical/red hat enterprise linux server supplementary eus
version/red hat enterprise linux server supplementary eus/6.6.z
canonical/red hat enterprise linux workstation supplementary
version/red hat enterprise linux workstation supplementary/6.0
vendor/opensuse
canonical/opensuse
version/opensuse/13.1
version/opensuse/13.2
vendor/icu-project
canonical/icu (international components for unicode)
vendor/oracle
canonical/sun iplanet messaging server
version/sun iplanet messaging server/7.0.5
version/sun iplanet messaging server/8.0
vendor/canonical
canonical/ubuntu
version/ubuntu/14.04
version/ubuntu/14.10
vendor/google
canonical/google chrome
version/google chrome/40.0.2214.85