Computer Security
[EN] securityvulns.ru no-pyccku


Privoxy use-after-free
updated since 25.01.2015
Published:02.02.2015
Source:
SecurityVulns ID:14234
Type:remote
Threat Level:
5/10
Description:Multiple use-after-free cases.
Affected:PRIVOXY : Privoxy 3.0
CVE:CVE-2015-1382 (parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.)
 CVE-2015-1381 (Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors.)
 CVE-2015-1031 (Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free complaints made by Coverity scan." NOTE: some of these details are obtained from third party information.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3145-1] privoxy security update (02.02.2015)
 documentDEBIAN, [SECURITY] [DSA 3133-1] privoxy security update (25.01.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod