CVE-2014-9654 : The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Go

The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.

Published 2017-04-24 06:59:00

Updated 2019-04-23 19:29:22

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: OverflowMemory CorruptionDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2014-9654

Probability of exploitation activity in the next 30 days: 1.01%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 83 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2014-9654

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2014-9654

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-9654

http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

Oracle Solaris Third Party Bulletin - April 2015

CVEs referencing this url
https://security.gentoo.org/glsa/201503-06

ICU: Multiple Vulnerabilities (GLSA 201503-06) — Gentoo security
Third Party Advisory

CVEs referencing this url
https://code.google.com/p/chromium/issues/detail?id=432209

432209 - Heap-buffer-overflow in icu_52::RegexMatcher::MatchChunkAt - chromium - Monorail
Issue Tracking;Third Party Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1035410

IBM Flex System Manager ICU Client Regex Processing Flaw Lets Remote Users Execute Arbitrary Code on the Target System - SecurityTracker
Third Party Advisory;VDB Entry
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Oracle Critical Patch Update - April 2019

CVEs referencing this url
http://bugs.icu-project.org/trac/ticket/11371

#11371 (Integer overflow issue in URX_BUILD) – Unicode ICU trac
Issue Tracking;Vendor Advisory
https://chromium.googlesource.com/chromium/deps/icu/+/dd727641e190d60e4593bcb3a35c7f51eb4925c5

dd727641e190d60e4593bcb3a35c7f51eb4925c5 - chromium/deps/icu - Git at Google
Issue Tracking;Third Party Advisory
http://bugs.icu-project.org/trac/changeset/36801

Changeset 36801 – Unicode ICU trac
Issue Tracking
http://openwall.com/lists/oss-security/2015/02/05/15

oss-security - Re: CVE request - ICU
Mailing List;Third Party Advisory

Products affected by CVE-2014-9654

Google » Chrome
Versions up to, including, (<=) 40.0.2214.85
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Matching versions
Icu-project » International Components For Unicode » For C/c++
Versions before (<) 55.1
cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\/c\+\+:*:*
Matching versions

Vulnerability Details : CVE-2014-9654

Exploit prediction scoring system (EPSS) score for CVE-2014-9654

CVSS scores for CVE-2014-9654

CWE ids for CVE-2014-9654

References for CVE-2014-9654

Products affected by CVE-2014-9654