CVE-2013-0252

boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms via crafted trailing bytes.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:N/I:P/A:N
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
boostboost
1.48.0
boostboost
1.49.0
boostboost
1.50.0
boostboost
1.51.0
boostboost
1.52.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
boost1.40
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
dne
lucid
not-affected
hardy
dne
boost1.42
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
not-affected
lucid
dne
hardy
dne
boost1.48
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
saucy
dne
raring
dne
quantal
dne
precise
ignored
oneiric
dne
lucid
dne
hardy
dne
boost1.49
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
saucy
Fixed 1.49.0-3.2ubuntu1
released
raring
Fixed 1.49.0-3.2ubuntu1
released
quantal
Fixed 1.49.0-3.1ubuntu1.2
released
precise
dne
oneiric
dne
lucid
dne
hardy
dne
boost1.50
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
saucy
dne
raring
dne
quantal
ignored
precise
dne
oneiric
dne
lucid
dne
hardy
dne