7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.032 Low
EPSS
Percentile
91.1%
Package : privoxy
Version : 3.0.16-1+deb6u1
CVE ID : CVE-2015-1031 CVE-2015-1381 CVE-2015-1382
Several vulnerabilities have been fixed in privoxy, a privacy enhancing
HTTP proxy:
CVE-2015-1031, CID66394:
unmap(): Prevent use-after-free if the map only consists of one item.
CVE-2015-1031, CID66376 and CID66391:
pcrs_execute(): Consistently set *result to NULL in case of errors.
Should make use-after-free in the caller less likely.
CVE-2015-1381:
Fix multiple segmentation faults and memory leaks in the pcrs code.
CVE-2015-1382:
Fix invalid read to prevent potential crashes.
We recommend that you upgrade your privoxy packages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | privoxy | < 3.0.16-1+deb6u1 | privoxy_3.0.16-1+deb6u1_all.deb |