Your submission was sent successfully! Close

CVE-2013-1839

Published: 30 September 2013

The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header.

Priority

Medium

Status

Package Release Status
squid3
Launchpad, Ubuntu, Debian
Upstream Needs triage