Vulnerabilites related to boost - boost
CVE-2008-0171 (GCVE-0-2008-0171)
Vulnerability from cvelistv5
Published
2008-01-17 22:00
Modified
2024-08-07 07:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:39:32.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0063"
},
{
"name": "48099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48099"
},
{
"name": "ADV-2008-0249",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0249"
},
{
"name": "27325",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27325"
},
{
"name": "28860",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28860"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.boost.org/trac/boost/changeset/42745"
},
{
"name": "28943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28943"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.boost.org/trac/boost/changeset/42674"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2143"
},
{
"name": "FEDORA-2008-0880",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html"
},
{
"name": "28511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28511"
},
{
"name": "20080213 rPSA-2008-0063-1 boost",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488102/100/0/threaded"
},
{
"name": "28705",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28705"
},
{
"name": "28545",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28545"
},
{
"name": "SUSE-SR:2008:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
},
{
"name": "GLSA-200802-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml"
},
{
"name": "28527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28527"
},
{
"name": "USN-570-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-570-1"
},
{
"name": "29323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29323"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=205955"
},
{
"name": "MDVSA-2008:032",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0063"
},
{
"name": "48099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48099"
},
{
"name": "ADV-2008-0249",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0249"
},
{
"name": "27325",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27325"
},
{
"name": "28860",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28860"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.boost.org/trac/boost/changeset/42745"
},
{
"name": "28943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28943"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.boost.org/trac/boost/changeset/42674"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2143"
},
{
"name": "FEDORA-2008-0880",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html"
},
{
"name": "28511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28511"
},
{
"name": "20080213 rPSA-2008-0063-1 boost",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488102/100/0/threaded"
},
{
"name": "28705",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28705"
},
{
"name": "28545",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28545"
},
{
"name": "SUSE-SR:2008:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
},
{
"name": "GLSA-200802-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml"
},
{
"name": "28527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28527"
},
{
"name": "USN-570-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-570-1"
},
{
"name": "29323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29323"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=205955"
},
{
"name": "MDVSA-2008:032",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0171",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0063",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0063"
},
{
"name": "48099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48099"
},
{
"name": "ADV-2008-0249",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0249"
},
{
"name": "27325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27325"
},
{
"name": "28860",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28860"
},
{
"name": "http://svn.boost.org/trac/boost/changeset/42745",
"refsource": "CONFIRM",
"url": "http://svn.boost.org/trac/boost/changeset/42745"
},
{
"name": "28943",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28943"
},
{
"name": "http://svn.boost.org/trac/boost/changeset/42674",
"refsource": "CONFIRM",
"url": "http://svn.boost.org/trac/boost/changeset/42674"
},
{
"name": "https://issues.rpath.com/browse/RPL-2143",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2143"
},
{
"name": "FEDORA-2008-0880",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html"
},
{
"name": "28511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28511"
},
{
"name": "20080213 rPSA-2008-0063-1 boost",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488102/100/0/threaded"
},
{
"name": "28705",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28705"
},
{
"name": "28545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28545"
},
{
"name": "SUSE-SR:2008:006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
},
{
"name": "GLSA-200802-08",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml"
},
{
"name": "28527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28527"
},
{
"name": "USN-570-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-570-1"
},
{
"name": "29323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29323"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=205955",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=205955"
},
{
"name": "MDVSA-2008:032",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0171",
"datePublished": "2008-01-17T22:00:00",
"dateReserved": "2008-01-09T00:00:00",
"dateUpdated": "2024-08-07T07:39:32.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0172 (GCVE-0-2008-0172)
Vulnerability from cvelistv5
Published
2008-01-17 22:00
Modified
2024-08-07 07:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:39:32.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0063"
},
{
"name": "48099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48099"
},
{
"name": "ADV-2008-0249",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0249"
},
{
"name": "27325",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27325"
},
{
"name": "28860",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28860"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.boost.org/trac/boost/changeset/42745"
},
{
"name": "28943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28943"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.boost.org/trac/boost/changeset/42674"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2143"
},
{
"name": "FEDORA-2008-0880",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html"
},
{
"name": "28511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28511"
},
{
"name": "20080213 rPSA-2008-0063-1 boost",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488102/100/0/threaded"
},
{
"name": "28705",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28705"
},
{
"name": "28545",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28545"
},
{
"name": "SUSE-SR:2008:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
},
{
"name": "GLSA-200802-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml"
},
{
"name": "28527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28527"
},
{
"name": "USN-570-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-570-1"
},
{
"name": "29323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29323"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=205955"
},
{
"name": "MDVSA-2008:032",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0063"
},
{
"name": "48099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48099"
},
{
"name": "ADV-2008-0249",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0249"
},
{
"name": "27325",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27325"
},
{
"name": "28860",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28860"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.boost.org/trac/boost/changeset/42745"
},
{
"name": "28943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28943"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.boost.org/trac/boost/changeset/42674"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2143"
},
{
"name": "FEDORA-2008-0880",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html"
},
{
"name": "28511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28511"
},
{
"name": "20080213 rPSA-2008-0063-1 boost",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488102/100/0/threaded"
},
{
"name": "28705",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28705"
},
{
"name": "28545",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28545"
},
{
"name": "SUSE-SR:2008:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
},
{
"name": "GLSA-200802-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml"
},
{
"name": "28527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28527"
},
{
"name": "USN-570-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-570-1"
},
{
"name": "29323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29323"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=205955"
},
{
"name": "MDVSA-2008:032",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0172",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0063",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0063"
},
{
"name": "48099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48099"
},
{
"name": "ADV-2008-0249",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0249"
},
{
"name": "27325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27325"
},
{
"name": "28860",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28860"
},
{
"name": "http://svn.boost.org/trac/boost/changeset/42745",
"refsource": "CONFIRM",
"url": "http://svn.boost.org/trac/boost/changeset/42745"
},
{
"name": "28943",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28943"
},
{
"name": "http://svn.boost.org/trac/boost/changeset/42674",
"refsource": "CONFIRM",
"url": "http://svn.boost.org/trac/boost/changeset/42674"
},
{
"name": "https://issues.rpath.com/browse/RPL-2143",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2143"
},
{
"name": "FEDORA-2008-0880",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html"
},
{
"name": "28511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28511"
},
{
"name": "20080213 rPSA-2008-0063-1 boost",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488102/100/0/threaded"
},
{
"name": "28705",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28705"
},
{
"name": "28545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28545"
},
{
"name": "SUSE-SR:2008:006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
},
{
"name": "GLSA-200802-08",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml"
},
{
"name": "28527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28527"
},
{
"name": "USN-570-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-570-1"
},
{
"name": "29323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29323"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=205955",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=205955"
},
{
"name": "MDVSA-2008:032",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0172",
"datePublished": "2008-01-17T22:00:00",
"dateReserved": "2008-01-09T00:00:00",
"dateUpdated": "2024-08-07T07:39:32.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9840 (GCVE-0-2016-9840)
Vulnerability from cvelistv5
Published
2017-05-23 03:56
Modified
2024-08-06 02:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "RHSA-2017:1220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
},
{
"name": "95131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95131"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "openSUSE-SU-2017:0077",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
},
{
"name": "GLSA-201701-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-56"
},
{
"name": "1039427",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039427"
},
{
"name": "RHSA-2017:1222",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "openSUSE-SU-2017:0080",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "openSUSE-SU-2016:3202",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"name": "[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
},
{
"name": "USN-4246-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4246-1/"
},
{
"name": "[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
},
{
"name": "USN-4292-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4292-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208144"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208113"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208115"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
},
{
"name": "GLSA-202007-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202007-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:02",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"name": "RHSA-2017:1221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "RHSA-2017:1220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
},
{
"name": "95131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95131"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "openSUSE-SU-2017:0077",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
},
{
"name": "GLSA-201701-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-56"
},
{
"name": "1039427",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039427"
},
{
"name": "RHSA-2017:1222",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "openSUSE-SU-2017:0080",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "openSUSE-SU-2016:3202",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"name": "[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
},
{
"name": "USN-4246-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4246-1/"
},
{
"name": "[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
},
{
"name": "USN-4292-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4292-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208144"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208113"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208115"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
},
{
"name": "GLSA-202007-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202007-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2016-9840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1221",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "RHSA-2017:1220",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:3047",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
},
{
"name": "95131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95131"
},
{
"name": "RHSA-2017:3046",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "openSUSE-SU-2017:0077",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
},
{
"name": "GLSA-201701-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-56"
},
{
"name": "1039427",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039427"
},
{
"name": "RHSA-2017:1222",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "openSUSE-SU-2017:0080",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "openSUSE-SU-2016:3202",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
},
{
"name": "RHSA-2017:2999",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"name": "[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
},
{
"name": "USN-4246-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4246-1/"
},
{
"name": "[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
},
{
"name": "USN-4292-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4292-1/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "https://support.apple.com/HT208144",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208144"
},
{
"name": "https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0",
"refsource": "CONFIRM",
"url": "https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0"
},
{
"name": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib",
"refsource": "MISC",
"url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"name": "https://support.apple.com/HT208113",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208113"
},
{
"name": "https://support.apple.com/HT208112",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208112"
},
{
"name": "https://support.apple.com/HT208115",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208115"
},
{
"name": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"refsource": "MISC",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
},
{
"name": "GLSA-202007-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202007-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2016-9840",
"datePublished": "2017-05-23T03:56:00",
"dateReserved": "2016-12-05T00:00:00",
"dateUpdated": "2024-08-06T02:59:03.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0252 (GCVE-0-2013-0252)
Vulnerability from cvelistv5
Published
2013-03-12 21:00
Modified
2024-08-06 14:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms via crafted trailing bytes.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:18:09.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2013-2448",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099122.html"
},
{
"name": "57675",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57675"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699649"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=907481"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.boost.org/trac/boost/ticket/7743"
},
{
"name": "[oss-security] 20130203 Re: CVE id request: boost",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/02/04/2"
},
{
"name": "FEDORA-2013-2420",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099103.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699650"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.boost.org/users/news/boost_locale_security_notice.html"
},
{
"name": "USN-1727-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1727-1"
},
{
"name": "MDVSA-2013:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:065"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms via crafted trailing bytes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-02T13:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2013-2448",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099122.html"
},
{
"name": "57675",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/57675"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699649"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=907481"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.boost.org/trac/boost/ticket/7743"
},
{
"name": "[oss-security] 20130203 Re: CVE id request: boost",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/02/04/2"
},
{
"name": "FEDORA-2013-2420",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099103.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699650"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.boost.org/users/news/boost_locale_security_notice.html"
},
{
"name": "USN-1727-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1727-1"
},
{
"name": "MDVSA-2013:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:065"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-0252",
"datePublished": "2013-03-12T21:00:00",
"dateReserved": "2012-12-06T00:00:00",
"dateUpdated": "2024-08-06T14:18:09.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2017-05-23 04:29
Modified
2025-04-20 01:37
Severity ?
Summary
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@opentext.com | http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html | Third Party Advisory | |
| security@opentext.com | http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html | Third Party Advisory | |
| security@opentext.com | http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html | Third Party Advisory | |
| security@opentext.com | http://www.openwall.com/lists/oss-security/2016/12/05/21 | Mailing List, Third Party Advisory | |
| security@opentext.com | http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | Third Party Advisory | |
| security@opentext.com | http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | Third Party Advisory | |
| security@opentext.com | http://www.securityfocus.com/bid/95131 | Broken Link | |
| security@opentext.com | http://www.securitytracker.com/id/1039427 | Broken Link | |
| security@opentext.com | https://access.redhat.com/errata/RHSA-2017:1220 | Third Party Advisory | |
| security@opentext.com | https://access.redhat.com/errata/RHSA-2017:1221 | Third Party Advisory | |
| security@opentext.com | https://access.redhat.com/errata/RHSA-2017:1222 | Third Party Advisory | |
| security@opentext.com | https://access.redhat.com/errata/RHSA-2017:2999 | Third Party Advisory | |
| security@opentext.com | https://access.redhat.com/errata/RHSA-2017:3046 | Third Party Advisory | |
| security@opentext.com | https://access.redhat.com/errata/RHSA-2017:3047 | Third Party Advisory | |
| security@opentext.com | https://access.redhat.com/errata/RHSA-2017:3453 | Third Party Advisory | |
| security@opentext.com | https://bugzilla.redhat.com/show_bug.cgi?id=1402345 | Issue Tracking, Third Party Advisory | |
| security@opentext.com | https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0 | Patch, Third Party Advisory | |
| security@opentext.com | https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html | Mailing List, Third Party Advisory | |
| security@opentext.com | https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html | Mailing List, Third Party Advisory | |
| security@opentext.com | https://security.gentoo.org/glsa/201701-56 | Third Party Advisory | |
| security@opentext.com | https://security.gentoo.org/glsa/202007-54 | Third Party Advisory | |
| security@opentext.com | https://support.apple.com/HT208112 | Third Party Advisory | |
| security@opentext.com | https://support.apple.com/HT208113 | Third Party Advisory | |
| security@opentext.com | https://support.apple.com/HT208115 | Third Party Advisory | |
| security@opentext.com | https://support.apple.com/HT208144 | Third Party Advisory | |
| security@opentext.com | https://usn.ubuntu.com/4246-1/ | Third Party Advisory | |
| security@opentext.com | https://usn.ubuntu.com/4292-1/ | Third Party Advisory | |
| security@opentext.com | https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib | Third Party Advisory | |
| security@opentext.com | https://wiki.mozilla.org/images/0/09/Zlib-report.pdf | Broken Link | |
| security@opentext.com | https://www.oracle.com/security-alerts/cpujul2020.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/12/05/21 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95131 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039427 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1220 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1221 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1222 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:2999 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3046 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3047 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3453 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1402345 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201701-56 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202007-54 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT208112 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT208113 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT208115 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT208144 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4246-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4292-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.mozilla.org/images/0/09/Zlib-report.pdf | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2020.html | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| boost | boost | * | |
| zlib | zlib | * | |
| opensuse | leap | 42.1 | |
| opensuse | leap | 42.2 | |
| opensuse | opensuse | 13.2 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| oracle | database_server | 18c | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_eus | 7.4 | |
| redhat | enterprise_linux_eus | 7.5 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| apple | iphone_os | * | |
| apple | mac_os_x | * | |
| apple | tvos | * | |
| apple | watchos | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:boost:boost:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA820824-3002-49BD-9093-3848F0B74E28",
"versionEndExcluding": "1.78.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5425C69-8CBB-433C-A330-798C66E7D6F2",
"versionEndExcluding": "1.2.9",
"versionStartIncluding": "1.2.0.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*",
"matchCriteriaId": "6833701E-5510-4180-9523-9CFD318DEE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "7037AEF9-403D-43EC-ABBB-B46619241586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "B781F1F7-DE18-41F7-83C1-8690B0884DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*",
"matchCriteriaId": "6D36F2A6-1329-4D74-BADC-C22D46CF7CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "D53D6C3C-C8F3-4FF4-AE9C-1BFF14E74EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "71219100-B476-4062-A40A-13F1B8C7DAED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*",
"matchCriteriaId": "FCC055BA-0D21-4D2B-AC9B-B81B8468860C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F370B9CC-03AA-436B-AF81-1FD48F33BAEB",
"versionEndIncluding": "5.5.61",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2BAC98-4BC4-44EB-AE09-826BD21D5E3D",
"versionEndIncluding": "5.6.41",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76702038-5D38-450F-BA25-FED83FBE758B",
"versionEndIncluding": "5.7.23",
"versionStartIncluding": "5.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "106FA614-55B8-4D90-B654-47EE199E7CC1",
"versionEndIncluding": "8.0.12",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F72F611A-26E5-4CC7-888E-96AD158D7C68",
"versionEndExcluding": "11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66F7B69D-5362-4E15-9FFE-8F3E87738920",
"versionEndExcluding": "10.13.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11895153-2FE5-4D73-B7FC-182FA280BA36",
"versionEndExcluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49790D15-2446-4138-B1FA-6C806587C5A1",
"versionEndExcluding": "4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"matchCriteriaId": "A47FC4F7-1F77-4314-B4B3-3C5D8E335379",
"versionEndIncluding": "4.1.2",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "BCA5DE0E-A10C-42A1-BFE3-1FED2C3171AB",
"versionEndExcluding": "4.8.2",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"matchCriteriaId": "D107EC29-67E7-40C3-8E5A-324C9105C5E4",
"versionEndIncluding": "6.8.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "ED1F2BAC-47F9-49C9-93FE-20EDD46CDF86",
"versionEndExcluding": "6.10.2",
"versionStartIncluding": "6.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"matchCriteriaId": "7F49B5A3-6516-46A2-884B-4D6657C188AE",
"versionEndExcluding": "7.6.0",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic."
},
{
"lang": "es",
"value": "Inftrees.c en zlib 1.2.8 podr\u00eda permitir que los atacantes dependientes del contexto tener un impacto no especificado al aprovechar la aritm\u00e9tica de puntero incorrecta."
}
],
"id": "CVE-2016-9840",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-23T04:29:01.667",
"references": [
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
},
{
"source": "security@opentext.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "security@opentext.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/95131"
},
{
"source": "security@opentext.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039427"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "security@opentext.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"source": "security@opentext.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0"
},
{
"source": "security@opentext.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
},
{
"source": "security@opentext.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201701-56"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202007-54"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208112"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208113"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208115"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208144"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4246-1/"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4292-1/"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
},
{
"source": "security@opentext.com",
"tags": [
"Broken Link"
],
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
},
{
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/95131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201701-56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202007-54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4246-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4292-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-01-17 23:00
Modified
2025-04-09 00:30
Severity ?
Summary
regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.gentoo.org/show_bug.cgi?id=205955 | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html | ||
| cve@mitre.org | http://secunia.com/advisories/28511 | ||
| cve@mitre.org | http://secunia.com/advisories/28527 | ||
| cve@mitre.org | http://secunia.com/advisories/28545 | ||
| cve@mitre.org | http://secunia.com/advisories/28705 | ||
| cve@mitre.org | http://secunia.com/advisories/28860 | ||
| cve@mitre.org | http://secunia.com/advisories/28943 | ||
| cve@mitre.org | http://secunia.com/advisories/29323 | ||
| cve@mitre.org | http://secunia.com/advisories/48099 | ||
| cve@mitre.org | http://svn.boost.org/trac/boost/changeset/42674 | Exploit | |
| cve@mitre.org | http://svn.boost.org/trac/boost/changeset/42745 | Exploit | |
| cve@mitre.org | http://wiki.rpath.com/Advisories:rPSA-2008-0063 | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml | ||
| cve@mitre.org | http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/488102/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/27325 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/usn-570-1 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0249 | ||
| cve@mitre.org | https://issues.rpath.com/browse/RPL-2143 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=205955 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28511 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28527 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28545 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28705 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28860 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28943 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29323 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48099 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://svn.boost.org/trac/boost/changeset/42674 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://svn.boost.org/trac/boost/changeset/42745 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2008-0063 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/488102/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/27325 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-570-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0249 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-2143 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:boost:boost:1.33:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A527FE-ED5E-4C9A-823C-0D76B1885691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boost:boost:1.34:*:*:*:*:*:*:*",
"matchCriteriaId": "C9CAD8FD-3F47-4AA4-9B97-41892E58FB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boost:boost_regex_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81538702-CFC1-4A99-96B9-F8745F8D1D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression."
},
{
"lang": "es",
"value": "regex/v4/perl_matcher_non_recursive.hpp en la librer\u00eda de expresiones regulares (tambi\u00e9n conocido como Boost.Regex) de Boost 1.33 y 1.34 permite a atacantes remotos dependientes de contexto provocar una denegaci\u00f3n de servicio (fallo de aserci\u00f3n y ca\u00edda) mediante una expresi\u00f3n regular inv\u00e1lida."
}
],
"id": "CVE-2008-0171",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-01-17T23:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=205955"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28511"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28527"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28545"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28705"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28860"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28943"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29323"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48099"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://svn.boost.org/trac/boost/changeset/42674"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://svn.boost.org/trac/boost/changeset/42745"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0063"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/488102/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27325"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-570-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0249"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-2143"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=205955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://svn.boost.org/trac/boost/changeset/42674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://svn.boost.org/trac/boost/changeset/42745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/488102/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-570-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-2143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue did not affect the version of boost as shipped with Red Hat Enterprise Linux 4.\n\nFor Red Hat Enterprise Linux 5, Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-0171\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.",
"lastModified": "2008-05-12T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-03-12 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms via crafted trailing bytes.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699649 | ||
| secalert@redhat.com | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699650 | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099103.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099122.html | ||
| secalert@redhat.com | http://www.boost.org/users/news/boost_locale_security_notice.html | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:065 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/02/04/2 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/57675 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1727-1 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=907481 | ||
| secalert@redhat.com | https://svn.boost.org/trac/boost/ticket/7743 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699649 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699650 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099103.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099122.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.boost.org/users/news/boost_locale_security_notice.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:065 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/02/04/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/57675 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1727-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=907481 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://svn.boost.org/trac/boost/ticket/7743 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:boost:boost:1.48.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF5C3C6-3635-48C0-8D5B-1E32622C14BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boost:boost:1.49.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD95A10D-F736-4DF9-87C9-35B4010FF1E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boost:boost:1.50.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02F34CAC-73C5-4965-BE43-1B3C6A4E9985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boost:boost:1.51.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D61F79D8-D2F6-467E-826D-29582E4E2338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boost:boost:1.52.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E34C87F-0C63-4A51-95A7-DA8476151059",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms via crafted trailing bytes."
},
{
"lang": "es",
"value": "boost :: locale :: utf :: utf_traits en la biblioteca Boost Boost.Locale en Boost v1.48 hasta v1.52 no detecta correctamente ciertas secuencias UTF-8 inv\u00e1lidaso, lo que podr\u00eda permitir a atacantes remotos eludir el mecanismo de protecci\u00f3n mediante la manipulaci\u00f3n de determinados bytes."
}
],
"id": "CVE-2013-0252",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-03-12T22:55:01.707",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699649"
},
{
"source": "secalert@redhat.com",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699650"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099103.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099122.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.boost.org/users/news/boost_locale_security_notice.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:065"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/02/04/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/57675"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1727-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=907481"
},
{
"source": "secalert@redhat.com",
"url": "https://svn.boost.org/trac/boost/ticket/7743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699650"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099103.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099122.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.boost.org/users/news/boost_locale_security_notice.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/02/04/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/57675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1727-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=907481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://svn.boost.org/trac/boost/ticket/7743"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-01-17 23:00
Modified
2025-04-09 00:30
Severity ?
Summary
The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.gentoo.org/show_bug.cgi?id=205955 | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html | ||
| cve@mitre.org | http://secunia.com/advisories/28511 | ||
| cve@mitre.org | http://secunia.com/advisories/28527 | ||
| cve@mitre.org | http://secunia.com/advisories/28545 | ||
| cve@mitre.org | http://secunia.com/advisories/28705 | ||
| cve@mitre.org | http://secunia.com/advisories/28860 | ||
| cve@mitre.org | http://secunia.com/advisories/28943 | ||
| cve@mitre.org | http://secunia.com/advisories/29323 | ||
| cve@mitre.org | http://secunia.com/advisories/48099 | ||
| cve@mitre.org | http://svn.boost.org/trac/boost/changeset/42674 | ||
| cve@mitre.org | http://svn.boost.org/trac/boost/changeset/42745 | ||
| cve@mitre.org | http://wiki.rpath.com/Advisories:rPSA-2008-0063 | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml | ||
| cve@mitre.org | http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/488102/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/27325 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/usn-570-1 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0249 | ||
| cve@mitre.org | https://issues.rpath.com/browse/RPL-2143 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=205955 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28511 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28527 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28545 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28705 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28860 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28943 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29323 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48099 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://svn.boost.org/trac/boost/changeset/42674 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://svn.boost.org/trac/boost/changeset/42745 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2008-0063 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/488102/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/27325 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-570-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0249 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-2143 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ubuntu | ubuntu_linux | 6.06_lts | |
| ubuntu | ubuntu_linux | 6.10 | |
| ubuntu | ubuntu_linux | 7.04 | |
| ubuntu | ubuntu_linux | 7.10 | |
| boost | boost | 1.33 | |
| boost | boost | 1.34 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:*:*:*:*:*:*",
"matchCriteriaId": "B8517E55-4357-4AFD-B571-5533123CB014",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "33904E65-D50D-4EAE-885D-FE2EBF535F18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A940B9-A553-4A0B-8ECF-52FD26894285",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "06FD8602-7069-41C6-B65C-84928EDCE2D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:boost:boost:1.33:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A527FE-ED5E-4C9A-823C-0D76B1885691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boost:boost:1.34:*:*:*:*:*:*:*",
"matchCriteriaId": "C9CAD8FD-3F47-4AA4-9B97-41892E58FB57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression."
},
{
"lang": "es",
"value": "La funci\u00f3n get_repeat_type en basic_regex_creator.hpp de la librer\u00eda de expresiones regulares (tambi\u00e9n conocido como Boost.Regex) de Boost 1.33 y 1.34 permite a atacantes remotos dependientes de contexto provocar una denegaci\u00f3n de servicio (referencia nula y ca\u00edda) mediante una expresi\u00f3n regular inv\u00e1lida."
}
],
"id": "CVE-2008-0172",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-01-17T23:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=205955"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28511"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28527"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28545"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28705"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28860"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28943"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29323"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48099"
},
{
"source": "cve@mitre.org",
"url": "http://svn.boost.org/trac/boost/changeset/42674"
},
{
"source": "cve@mitre.org",
"url": "http://svn.boost.org/trac/boost/changeset/42745"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0063"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/488102/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27325"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-570-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0249"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-2143"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=205955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.boost.org/trac/boost/changeset/42674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.boost.org/trac/boost/changeset/42745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/488102/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-570-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-2143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue did not affect the version of boost as shipped with Red Hat Enterprise Linux 4.\n\nFor Red Hat Enterprise Linux 5, Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-0172\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.",
"lastModified": "2008-05-12T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}