2 matches found
CVE-2007-6239
CVE-2007-6239 affects Squid 2.x up to 2.6.STABLE17 and Squid 3.0. A flaw in cache update reply processing can cause denial of service by exhausting memory (array/memory leak) during requests for cached objects, via remote attackers. The issue is triggered by HTTP header handling and related array...
CVE-2009-0801
CVE-2009-0801 affects Squid when transparent interception is enabled. The vulnerability arises because the HTTP Host header is used to identify the remote endpoint, allowing an attacker to bypass access controls for Flash/Java/Silverlight and potentially reach restricted intranet sites via a craf...