Lucene search
AmazonALAS-2012-140HistoryNov 20, 2012 - 6:25 a.m.
Medium: libproxy
2012-11-2006:25:00
alas.aws.amazon.com
9
0.014 Low
EPSS
Percentile
86.6%
Issue Overview:
A buffer overflow flaw was found in the way libproxy handled the downloading of proxy auto-configuration (PAC) files. A malicious server hosting a PAC file or a man-in-the-middle attacker could use this flaw to cause an application using libproxy to crash or, possibly, execute arbitrary code, if the proxy settings obtained by libproxy (from the environment or the desktop environment settings) instructed the use of a PAC proxy configuration. (CVE-2012-4505)
Affected Packages:
libproxy
Issue Correction:
Run yum update libproxy to update your system.
New Packages:
i686:
libproxy-bin-0.3.0-3.7.amzn1.i686
libproxy-devel-0.3.0-3.7.amzn1.i686
libproxy-python-0.3.0-3.7.amzn1.i686
libproxy-debuginfo-0.3.0-3.7.amzn1.i686
libproxy-0.3.0-3.7.amzn1.i686
src:
libproxy-0.3.0-3.7.amzn1.src
x86_64:
libproxy-python-0.3.0-3.7.amzn1.x86_64
libproxy-0.3.0-3.7.amzn1.x86_64
libproxy-bin-0.3.0-3.7.amzn1.x86_64
libproxy-devel-0.3.0-3.7.amzn1.x86_64
libproxy-debuginfo-0.3.0-3.7.amzn1.x86_64
Additional References
Red Hat: CVE-2012-4505
Mitre: CVE-2012-4505
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | libproxy-bin | < 0.3.0-3.7.amzn1 | libproxy-bin-0.3.0-3.7.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | libproxy-devel | < 0.3.0-3.7.amzn1 | libproxy-devel-0.3.0-3.7.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | libproxy-python | < 0.3.0-3.7.amzn1 | libproxy-python-0.3.0-3.7.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | libproxy-debuginfo | < 0.3.0-3.7.amzn1 | libproxy-debuginfo-0.3.0-3.7.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | libproxy | < 0.3.0-3.7.amzn1 | libproxy-0.3.0-3.7.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | libproxy-python | < 0.3.0-3.7.amzn1 | libproxy-python-0.3.0-3.7.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | libproxy | < 0.3.0-3.7.amzn1 | libproxy-0.3.0-3.7.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | libproxy-bin | < 0.3.0-3.7.amzn1 | libproxy-bin-0.3.0-3.7.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | libproxy-devel | < 0.3.0-3.7.amzn1 | libproxy-devel-0.3.0-3.7.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | libproxy-debuginfo | < 0.3.0-3.7.amzn1 | libproxy-debuginfo-0.3.0-3.7.amzn1.x86_64.rpm |
Related
openvas
openvas
CentOS Update for libproxy CESA-2012:1461 centos6
2012-11-15 00:00:00
RedHat Update for libproxy RHSA-2012:1461-01
2012-11-15 00:00:00
Debian Security Advisory DSA 2571-1 (libproxy)
2012-11-16 00:00:00
redhat
redhat
(RHSA-2012:1461) Moderate: libproxy security update
2012-11-14 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:00:00
oraclelinux
oraclelinux
libproxy security update
2012-11-14 00:00:00
nessus
nessus
Amazon Linux AMI : libproxy (ALAS-2012-140)
2013-09-04 00:00:00
CentOS 6 : libproxy (CESA-2012:1461)
2012-11-16 00:00:00
SuSE 11.2 Security Update : libproxy (SAT Patch Number 7092)
2013-01-25 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2571-1] libproxy security update
2012-11-06 00:00:00
libproxy buffer overflow
2012-11-26 00:00:00
debian
debian
[SECURITY] [DSA 2571-1] libproxy security update
2012-11-04 18:23:00
centos
centos
libproxy security update
2012-11-15 03:44:16
cvelist
cvelist
CVE-2012-4505
2012-11-11 11:00:00
cve
cve
CVE-2012-4505
2012-11-11 13:00:00
CVE-2012-4521
2012-11-11 13:00:00
ubuntu
ubuntu
libproxy vulnerabilities
2012-11-12 00:00:00
prion
prion
Heap overflow
2012-11-11 13:00:00
ubuntucve
ubuntucve
CVE-2012-4505
2012-10-12 00:00:00
debiancve
debiancve
CVE-2012-4505
2012-11-11 13:00:00