Lucene search
UbuntuUSN-1727-1HistoryFeb 18, 2013 - 12:00 a.m.
Boost vulnerability
2013-02-1800:00:00
ubuntu.com
35
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.3 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.2%
Releases
- Ubuntu 12.10
Packages
- boost1.49 - C++ representation of time duration, time point, and clocks
Details
It was discovered that the Boost.Locale library incorrectly validated some
invalid UTF-8 sequences. An attacker could possibly use this issue to
bypass input validation in certain applications.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.10 | noarch | libboost-locale1.49.0 | < 1.49.0-3.1ubuntu1.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libboost-chrono1.49-dev | < 1.49.0-3.1ubuntu1.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libboost-chrono1.49.0 | < 1.49.0-3.1ubuntu1.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libboost-date-time1.49-dev | < 1.49.0-3.1ubuntu1.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libboost-date-time1.49.0 | < 1.49.0-3.1ubuntu1.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libboost-filesystem1.49-dev | < 1.49.0-3.1ubuntu1.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libboost-filesystem1.49.0 | < 1.49.0-3.1ubuntu1.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libboost-graph1.49-dev | < 1.49.0-3.1ubuntu1.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libboost-graph1.49.0 | < 1.49.0-3.1ubuntu1.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libboost-iostreams1.49-dev | < 1.49.0-3.1ubuntu1.2 | UNKNOWN |
References
Related
nessus
nessus
Fedora 18 : boost-1.50.0-5.fc18 (2013-2448)
2013-02-24 00:00:00
Fedora 17 : boost-1.48.0-14.fc17 (2013-2420)
2013-02-24 00:00:00
Ubuntu 12.10 : boost1.49 vulnerability (USN-1727-1)
2013-02-19 00:00:00
openvas
openvas
Fedora Update for boost FEDORA-2013-2420
2013-03-01 00:00:00
Ubuntu: Security Advisory (USN-1727-1)
2013-02-22 00:00:00
Ubuntu Update for boost1.49 USN-1727-1
2013-02-22 00:00:00
prion
prion
Input validation
2013-03-12 22:55:00
nvd
nvd
CVE-2013-0252
2013-03-12 22:55:01
fedora
fedora
[SECURITY] Fedora 17 Update: boost-1.48.0-14.fc17
2013-02-23 00:53:33
[SECURITY] Fedora 18 Update: boost-1.50.0-5.fc18
2013-02-23 00:58:29
cvelist
cvelist
CVE-2013-0252
2013-03-12 21:00:00
securityvulns
securityvulns
[USN-1727-1] Boost vulnerability
2013-02-24 00:00:00
Boost library protection bypass
2013-02-24 00:00:00
cve
cve
CVE-2013-0252
2013-03-12 22:55:01
ubuntucve
ubuntucve
CVE-2013-0252
2013-02-05 00:00:00
veracode
veracode
Bypassing Input Validation Protection Mechanisms
2017-02-01 09:20:15
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.3 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.2%
Related for USN-1727-1