Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2008-0171

Published: 17/01/2008 Updated: 15/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Boost

Vulnerability Summary

regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent malicious users to cause a denial of service (failed assertion and crash) via an invalid regular expression.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

boost boost 1.33

boost boost 1.34

boost boost regex library

Vendor Advisories

Red Hat: Low: boost security and bug fix update
Synopsis Low: boost security and bug fix update Type/Severity Security Advisory: Low Topic Updated boost packages that fix two security issues and two bugs are nowavailable for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having lowsecurity impact Common Vulnerabil ...
Ubuntu Security Notice: boost vulnerabilities
Will Drewry and Tavis Ormandy discovered that the boost library did not properly perform input validation on regular expressions An attacker could send a specially crafted regular expression to an application linked against boost and cause a denial of service via application crash ...

References

CWE-20http://bugs.gentoo.org/show_bug.cgi?id=205955http://svn.boost.org/trac/boost/changeset/42674http://svn.boost.org/trac/boost/changeset/42745https://issues.rpath.com/browse/RPL-2143http://www.ubuntu.com/usn/usn-570-1http://www.securityfocus.com/bid/27325https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.htmlhttp://secunia.com/advisories/28545http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032http://secunia.com/advisories/28705http://secunia.com/advisories/28511http://secunia.com/advisories/28527http://wiki.rpath.com/Advisories:rPSA-2008-0063http://www.gentoo.org/security/en/glsa/glsa-200802-08.xmlhttp://secunia.com/advisories/28943http://secunia.com/advisories/28860http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.htmlhttp://secunia.com/advisories/29323http://www.vupen.com/english/advisories/2008/0249http://secunia.com/advisories/48099http://www.securityfocus.com/archive/1/488102/100/0/threadedhttps://access.redhat.com/errata/RHSA-2012:0305https://usn.ubuntu.com/570-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook