CVE-2012-4505
Published: 12 October 2012
Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504.
Notes
Author | Note |
---|---|
jdstrand | 0.4 not affected |
Priority
Status
Package | Release | Status |
---|---|---|
libproxy Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Released
(0.3.1-1ubuntu1.1)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Released
(0.3.1-2ubuntu6.1)
|
|
precise |
Not vulnerable
(0.4.7-0ubuntu4)
|
|
quantal |
Not vulnerable
|
|
upstream |
Needs triage
|
|
Patches: other: https://bugzilla.redhat.com/attachment.cgi?id=625842 |