5
CVE-2008-0172
- EPSS 1.96%
- Veröffentlicht 17.01.2008 23:00:00
- Zuletzt bearbeitet 16.06.2026 22:49:04
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Boost ≫ Boost Version1.33
Ubuntu ≫ Ubuntu Linux Version6.06_lts
Ubuntu ≫ Ubuntu Linux Version6.10
Ubuntu ≫ Ubuntu Linux Version7.04
Ubuntu ≫ Ubuntu Linux Version7.10
Ubuntu ≫ Ubuntu Linux Version6.10
Ubuntu ≫ Ubuntu Linux Version7.04
Ubuntu ≫ Ubuntu Linux Version7.10
Boost ≫ Boost Version1.34
Ubuntu ≫ Ubuntu Linux Version6.06_lts
Ubuntu ≫ Ubuntu Linux Version6.10
Ubuntu ≫ Ubuntu Linux Version7.04
Ubuntu ≫ Ubuntu Linux Version7.10
Ubuntu ≫ Ubuntu Linux Version6.10
Ubuntu ≫ Ubuntu Linux Version7.04
Ubuntu ≫ Ubuntu Linux Version7.10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.96% | 0.777 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html
http://secunia.com/advisories/29323
http://bugs.gentoo.org/show_bug.cgi?id=205955
http://secunia.com/advisories/28511
http://secunia.com/advisories/28527
http://secunia.com/advisories/28545
http://secunia.com/advisories/28705
http://secunia.com/advisories/28860
http://secunia.com/advisories/28943
http://secunia.com/advisories/48099
http://svn.boost.org/trac/boost/changeset/42674
http://svn.boost.org/trac/boost/changeset/42745
http://wiki.rpath.com/Advisories:rPSA-2008-0063
http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032
http://www.securityfocus.com/archive/1/488102/100/0/threaded
http://www.securityfocus.com/bid/27325
http://www.ubuntu.com/usn/usn-570-1
http://www.vupen.com/english/advisories/2008/0249
https://issues.rpath.com/browse/RPL-2143
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html