Computer Security
[EN] securityvulns.ru no-pyccku


libproxy buffer overflow
updated since 06.11.2012
Published:26.11.2012
Source:
SecurityVulns ID:12699
Type:library
Threat Level:
5/10
Description:Integer overflow on Content-Length parsing leads to buffer overflow, buffer overflow on proxy.pac parsing.
Affected:LIBPROXY : libproxy 0.3
CVE:CVE-2012-4505 (Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504.)
 CVE-2012-4504 (Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file.)
Original documentdocumentMANDRIVA, [ MDVSA-2012:172 ] libproxy (26.11.2012)
 documentDEBIAN, [SECURITY] [DSA 2571-1] libproxy security update (06.11.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod