CVE-2020-26154 – libproxy: sending more than 102400 bytes in PAC without a Content-Length present could result in buffer overflow
https://notcve.org/view.php?id=CVE-2020-26154
29 Sep 2020 — url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. Two vulnerabilities were discovered in libproxy, an automatic proxy configuration management library, which could resul... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-121: Stack-based Buffer Overflow
CVE-2020-25219 – libproxy: uncontrolled recursion via an infinite stream response leading to stack exhaustion
https://notcve.org/view.php?id=CVE-2020-25219
09 Sep 2020 — url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html • CWE-674: Uncontrolled Recursion
CVE-2012-5580
https://notcve.org/view.php?id=CVE-2012-5580
27 Oct 2014 — Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the http_proxy environment variable or a PAC file. • http://www.securityfocus.com/bid/56712 • CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2012-4505 – libproxy: PAC handling insufficient content length check leading to buffer overflow
https://notcve.org/view.php?id=CVE-2012-4505
11 Nov 2012 — Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504. • http://lists.opensuse.org/opensuse-updates/2012-10/msg00065.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-4504 – Gentoo Linux Security Advisory 201404-02
https://notcve.org/view.php?id=CVE-2012-4504
11 Nov 2012 — Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file. A buffer overflow in libproxy might allow remote attackers to execute arbitrary code. Versions less than 0.4.10... • http://code.google.com/p/libproxy/source/detail?r=853 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer