CVE-2012-4505
CVE-2012-4505 is a heap-based buffer overflow in libproxy’s PAC handling. The flaw resides in px_pac_reload (lib/pac.c) in libproxy 0.2.x and 0.3.x and is exploitable via a crafted Content-Length in an HTTP response header for a proxy.pac request, leading to a potential crash or arbitrary behavior. Public...
CVE-2012-4504
CVE-2012-4504 is a stack-based buffer overflow in url::get_pac() in libproxy 0.4.x (up to 0.4.8). It is triggered when processing a proxy.pac file from a remote server and has unspecified impact. Remediation: upgrade to libproxy 0.4.9+ (Gentoo GLSA and related advisories reference 0.4.10 as fixed). Other ...