[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-4505Date: (C)2012-11-12   (M)2023-12-22


Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECUNIA-51048
SECUNIA-51180
SECUNIA-51308
BID-55910
DSA-2571
RHSA-2012:1461
USN-1629-1
http://www.openwall.com/lists/oss-security/2012/10/12/5
http://www.openwall.com/lists/oss-security/2012/10/12/1
http://www.openwall.com/lists/oss-security/2012/10/16/3
https://bugzilla.redhat.com/show_bug.cgi?id=864612
https://groups.google.com/forum/?fromgroups=#%21topic/libproxy/VxZ8No7mT0E
openSUSE-SU-2012:1375

CPE    3
cpe:/a:libproxy_project:libproxy:0.3.0
cpe:/a:libproxy_project:libproxy:0.3.1
cpe:/a:libproxy_project:libproxy:0.2.3
CWE    1
CWE-119
OVAL    6
oval:org.secpod.oval:def:701069
oval:org.secpod.oval:def:600913
oval:org.secpod.oval:def:202490
oval:org.secpod.oval:def:1601269
...

© SecPod Technologies