2 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms via crafted trailing bytes. boost :: locale :: utf :: utf_traits en la biblioteca Boost Boost.Locale en Boost v1.48 hasta v1.52 no detecta correctamente ciertas secuencias UTF-8 inválidaso, lo que podría permitir a atacantes remotos eludir el mecanismo de protección mediante la manipulación de determinados bytes. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699649 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699650 http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099103.html http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099122.html http://www.boost.org/users/news/boost_locale_security_notice.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:065 http://www.openwall.com/lists/oss-security/2013/02/04/2 http://www.securityfocus • CWE-20: Improper Input Validation •

CVSS: 6.4EPSS: 0%CPEs: 16EXPL: 0

Unspecified vulnerability in Boost before 6.x-1.03, a module for Drupal, allows remote attackers to create new webroot directories via unknown attack vectors. Vulnerabilidad no especificada en el módulo de Drupal "Boost" antes de v6.x-1.03, permite a atacantes remotos para crear directorios webroot nuevos a través de vectores de ataque desconocidos. • http://drupal.org/node/592470 http://drupal.org/node/592490 http://osvdb.org/58424 http://secunia.com/advisories/36925 http://www.securityfocus.com/bid/36561 https://exchange.xforce.ibmcloud.com/vulnerabilities/53553 •