CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2020-26154 – libproxy: sending more than 102400 bytes in PAC without a Content-Length present could result in buffer overflow
https://notcve.org/view.php?id=CVE-2020-26154
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. El archivo url.cpp en libproxy versiones hasta 0.4.15, es propenso a un desbordamiento del búfer cuando PAC está habilitado, como es demostrado por un archivo PAC grande que es entregado sin un encabezado Content-length • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00033.html https://bugs.debian.org/968366 https://github.com/libproxy/libproxy/pull/126 https://lists.debian.org/debian-lts-announce/2020/11/msg00024.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BID3HVHAF6DA3YJOFDBSAZSMR3ODNIW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZVZ • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2012-4505 – libproxy: PAC handling insufficient content length check leading to buffer overflow
https://notcve.org/view.php?id=CVE-2012-4505
Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504. Desbordamiento de búfer basado en memoria dinámica en la función px_pac_reload en lib/pac.c en libproxy v0.2.x y v0.3.x permite que los servidores remotos tengan un impacto no especificado a través de un tamaño Content-Length modificado en un encabezado de respuesta HTTP para una solicitud de archivo proxy.pac, una vulnerabilidad diferente a CVE-2012-4504. • http://lists.opensuse.org/opensuse-updates/2012-10/msg00065.html http://rhn.redhat.com/errata/RHSA-2012-1461.html http://secunia.com/advisories/51048 http://secunia.com/advisories/51180 http://secunia.com/advisories/51308 http://www.debian.org/security/2012/dsa-2571 http://www.openwall.com/lists/oss-security/2012/10/12/1 http://www.openwall.com/lists/oss-security/2012/10/12/5 http://www.openwall.com/lists/oss-security/2012/10/16/3 http://www.securityfocus& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •