CVE-2009-3654
https://notcve.org/view.php?id=CVE-2009-3654
Unspecified vulnerability in Boost before 6.x-1.03, a module for Drupal, allows remote attackers to create new webroot directories via unknown attack vectors. Vulnerabilidad no especificada en el módulo de Drupal "Boost" antes de v6.x-1.03, permite a atacantes remotos para crear directorios webroot nuevos a través de vectores de ataque desconocidos. • http://drupal.org/node/592470 http://drupal.org/node/592490 http://osvdb.org/58424 http://secunia.com/advisories/36925 http://www.securityfocus.com/bid/36561 https://exchange.xforce.ibmcloud.com/vulnerabilities/53553 •
CVE-2008-0171 – boost regular expression memory corruption flaws
https://notcve.org/view.php?id=CVE-2008-0171
regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression. regex/v4/perl_matcher_non_recursive.hpp en la librería de expresiones regulares (también conocido como Boost.Regex) de Boost 1.33 y 1.34 permite a atacantes remotos dependientes de contexto provocar una denegación de servicio (fallo de aserción y caída) mediante una expresión regular inválida. • http://bugs.gentoo.org/show_bug.cgi?id=205955 http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html http://secunia.com/advisories/28511 http://secunia.com/advisories/28527 http://secunia.com/advisories/28545 http://secunia.com/advisories/28705 http://secunia.com/advisories/28860 http://secunia.com/advisories/28943 http://secunia.com/advisories/29323 http://secunia.com/advisories/48099 http://svn.boost.org/trac/boost/changeset/42674 http://svn.boost • CWE-20: Improper Input Validation •
CVE-2008-0172 – boost regular expression NULL dereference flaw
https://notcve.org/view.php?id=CVE-2008-0172
The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression. La función get_repeat_type en basic_regex_creator.hpp de la librería de expresiones regulares (también conocido como Boost.Regex) de Boost 1.33 y 1.34 permite a atacantes remotos dependientes de contexto provocar una denegación de servicio (referencia nula y caída) mediante una expresión regular inválida. • http://bugs.gentoo.org/show_bug.cgi?id=205955 http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html http://secunia.com/advisories/28511 http://secunia.com/advisories/28527 http://secunia.com/advisories/28545 http://secunia.com/advisories/28705 http://secunia.com/advisories/28860 http://secunia.com/advisories/28943 http://secunia.com/advisories/29323 http://secunia.com/advisories/48099 http://svn.boost.org/trac/boost/changeset/42674 http://svn.boost • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •