CVE-2020-26154 – libproxy: sending more than 102400 bytes in PAC without a Content-Length present could result in buffer overflow
https://notcve.org/view.php?id=CVE-2020-26154
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. El archivo url.cpp en libproxy versiones hasta 0.4.15, es propenso a un desbordamiento del búfer cuando PAC está habilitado, como es demostrado por un archivo PAC grande que es entregado sin un encabezado Content-length • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00033.html https://bugs.debian.org/968366 https://github.com/libproxy/libproxy/pull/126 https://lists.debian.org/debian-lts-announce/2020/11/msg00024.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BID3HVHAF6DA3YJOFDBSAZSMR3ODNIW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZVZ • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVE-2020-25219 – libproxy: uncontrolled recursion via an infinite stream response leading to stack exhaustion
https://notcve.org/view.php?id=CVE-2020-25219
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. La función url::recvline en el archivo url.cpp en libproxy versiones 0.4.x hasta 0.4.15, permite a un servidor HTTP remoto activar una recursividad no controlada por medio de una respuesta compuesta por una transmisión infinita que carece de un carácter newline. Esto conlleva al agotamiento de la pila. A flaw was found in libproxy in versions 0.4 through 0.4.15. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00033.html https://github.com/libproxy/libproxy/issues/134 https://lists.debian.org/debian-lts-announce/2020/09/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNID6EZVOVH7EZB7KFU2EON54CFDIVUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JF5JSONJNO64ARWRVOS6K6HSIPHEF3H2 https://lists • CWE-674: Uncontrolled Recursion •
CVE-2012-4504
https://notcve.org/view.php?id=CVE-2012-4504
Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file. Desbordamiento de búfer basado en pila en la función url::get_pac en url.cpp en libproxy v0.4.x antes de v0.4.9 permite que los servidores remotos tengan un impacto no especificado a través de un archivo proxy.pac grande. • http://code.google.com/p/libproxy/source/detail?r=853 http://lists.opensuse.org/opensuse-updates/2012-10/msg00065.html http://secunia.com/advisories/51048 http://www.openwall.com/lists/oss-security/2012/10/12/1 http://www.openwall.com/lists/oss-security/2012/10/12/5 http://www.openwall.com/lists/oss-security/2012/10/16/3 http://www.securityfocus.com/bid/55909 http://www.ubuntu.com/usn/USN-1629-1 https://bugzilla.redhat.com/show_bug.cgi?id=864417 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •