Oval Definition:oval:org.opensuse.security:def:20122677
Revision Date:2022-05-20Version:1
Title:CVE-2012-2677
Description:

Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated than expected.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2012-2677
Mitre CVE-2012-2677
SUSE CVE-2012-2677
SUSE-SU-2012:0882-1
SUSE-SU-2012:0882-1
Platform(s):SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for x86
SLE SDK 10 SP4 for X86-64
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for x86
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 for IBM POWER
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP4 for IPF
SUSE Linux Enterprise Server 10 SP4 for x86
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for Teradata
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Teradata 10 SP3 for AMD64 and Intel EM64T
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp4 is installed
  • AND
  • boost-32bit less than 1.33.1-17.15.1
  • OR boost-64bit less than 1.33.1-17.15.1
  • OR boost-devel-64bit less than 1.33.1-17.15.1
  • OR boost-devel less than 1.33.1-17.15.1
  • OR boost-doc less than 1.33.1-17.15.1
  • OR boost less than 1.33.1-17.15.1
  • OR Package Information
  • sles10-sp4-sdk is installed
  • AND
  • boost-devel-64bit less than 1.33.1-17.15.1
  • OR boost-devel less than 1.33.1-17.15.1
  • OR boost-doc less than 1.33.1-17.15.1
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP2 is installed
  • AND Package Information
  • boost-license-1.36.0-12.3 is installed
  • OR libboost_program_options1_36_0-1.36.0-12.3 is installed
  • OR libboost_regex1_36_0-1.36.0-12.3 is installed
  • OR libboost_signals1_36_0-1.36.0-12.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • AND Package Information
  • boost-license-1.36.0-12.3 is installed
  • OR libboost_program_options1_36_0-1.36.0-12.3 is installed
  • OR libboost_regex1_36_0-1.36.0-12.3 is installed
  • OR libboost_signals1_36_0-1.36.0-12.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP2 is installed
  • AND Package Information
  • boost-license-1.36.0-12.3.1 is installed
  • OR libboost_program_options1_36_0-1.36.0-12.3.1 is installed
  • OR libboost_regex1_36_0-1.36.0-12.3.1 is installed
  • OR libboost_signals1_36_0-1.36.0-12.3.1 is installed
    • BACK