RSS   Vulnerabilities for 'Polipo'   RSS

2009-12-24
 
CVE-2009-4413

CWE-189
 

 
The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12, 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a large Content-Length value, which triggers an integer overflow, a signed-to-unsigned conversion error with a negative value, and a segmentation fault.

 
 
CVE-2009-3305

CWE-20
 

 
Polipo 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a Cache-Control header that lacks a value for the max-age field, which triggers a segmentation fault in the httpParseHeaders function in http_parse.c, and possibly other unspecified vectors.

 
2009-09-09
 
CVE-2008-7191

CWE-noinfo
 

 
Unspecified vulnerability in Polipo before 1.0.4 allows remote attackers to cause a denial of service (crash) via a long request URL.

 


Copyright 2024, cxsecurity.com

 

Back to Top