CVE-2008-0172 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2008-0172
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-0172

Description: The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-570-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html SAID Secunia Advisory: SA28545 Secunia Advisory: SA28705 Secunia Advisory: SA28511 Secunia Advisory: SA28527 Secunia Advisory: SA28943 Secunia Advisory: SA28860 Secunia Advisory: SA29323 MANDRIVA http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml FEDORA CONFIRM http://wiki.rpath.com/Advisories:rPSA-2008-0063 http://bugs.gentoo.org/show_bug.cgi?id=205955 http://svn.boost.org/trac/boost/changeset/42674 http://svn.boost.org/trac/boost/changeset/42745 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/488102/100/0/threaded BID 27325

Return to the previous page.