Lucene search
K

4 matches found

securityvulns
securityvulns
added 2010/02/22 12:0 a.m.137 views

[SECURITY] [DSA-2002-1] New polipo packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2002-1 [email protected] http://www.debian.org/security/ Stefan Fritsch February 19, 2010 http://www.debian.org/security/faq -...

10CVSS0.2AI score0.10066EPSS
Exploits1
OSV
OSV
added 2009/12/24 4:30 p.m.9 views

CVE-2009-4413

The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12, 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service crash via a request with a large Content-Length value, which triggers an integer overflow, a signed-to-unsigned conversion error with a...

6.5AI score
Exploits0References7
CVE
CVE
added 2009/12/24 4:0 p.m.60 views

CVE-2009-4413

CVE-2009-4413 affects the Polipo web proxy. The issue resides in httpClientDiscardBody in client.c, present in Polipo versions such as 0.9.8, 0.9.12, and 1.0.4. A crafted remote request with a large Content-Length triggers an integer overflow and a signed-to-unsigned conversion error, leading to ...

5CVSS6.3AI score0.0866EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVAS
added 2009/12/08 12:0 a.m.36 views

Polipo Malformed HTTP GET Request Memory Corruption Vulnerability

Polipo is prone to a memory-corruption vulnerability. Successful exploits may allow remote attackers to execute arbitrary code within the context of the affected application or crash the application, denying service to legitimate users. Polipo 0.9.8 and 1.0.4 are vulnerable; other versions may al...

5CVSS6.8AI score0.0866EPSS
Exploits0References2
Rows per page
Query Builder