CVE-2008-0172

Name of the Vulnerable Software and Affected Versions Boost regex library versions 1.33 through 1.34 Boost library versions prior to 1.34.1-r2

Description The issue allows context-dependent attackers to cause a denial of service, potentially leading to a crash, via an invalid regular expression. Multiple vulnerabilities in the Boost package can be exploited remotely, leading to disruption of protected information availability.

Recommendations For Boost regex library versions 1.33 through 1.34, consider updating to a version later than 1.34. For Boost library versions prior to 1.34.1-r2, update to version 1.34.1-r2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the get repeat type function in basic regex creator.hpp until a patch is available.