CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-26154 – libproxy: sending more than 102400 bytes in PAC without a Content-Length present could result in buffer overflow
https://notcve.org/view.php?id=CVE-2020-26154
29 Sep 2020 — url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. El archivo url.cpp en libproxy versiones hasta 0.4.15, es propenso a un desbordamiento del búfer cuando PAC está habilitado, como es demostrado por un archivo PAC grande que es entregado sin un encabezado Content-length Two vulnerabilities were discovered in libproxy, an automatic proxy configuration management library, which could resul... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2012-5580
https://notcve.org/view.php?id=CVE-2012-5580
27 Oct 2014 — Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the http_proxy environment variable or a PAC file. Una vulnerabilidad de cadena de formato en la función print_proxies en bin/proxy.c en libproxy 0.3.1 podría permitir a atacantes dependientes del contexto causar una denegación de servicio ... • http://www.securityfocus.com/bid/56712 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 4%CPEs: 3EXPL: 0CVE-2012-4505 – libproxy: PAC handling insufficient content length check leading to buffer overflow
https://notcve.org/view.php?id=CVE-2012-4505
11 Nov 2012 — Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504. Desbordamiento de búfer basado en memoria dinámica en la función px_pac_reload en lib/pac.c en libproxy v0.2.x y v0.3.x permite que los servidores remotos tengan un impacto no especificado a través de un tamaño Content-Length... • http://lists.opensuse.org/opensuse-updates/2012-10/msg00065.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •