ALAS-2012-140 --- libproxyID: oval:org.secpod.oval:def:1601269 | Date: (C)2020-11-27 (M)2023-11-10 |
Class: PATCH | Family: unix |
A buffer overflow flaw was found in the way libproxy handled the downloading of proxy auto-configuration files. A malicious server hosting a PAC file or a man-in-the-middle attacker could use this flaw to cause an application using libproxy to crash or, possibly, execute arbitrary code, if the proxy settings obtained by libproxy instructed the use of a PAC proxy configuration
Platform: |
Amazon Linux AMI |