FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3b5c2362-bd07-11e5-b7ef-5453ed2e2b49libproxy -- stack-based buffer overflow

Tomas Hoger reports:

A buffer overflow flaw was discovered in the libproxy's url::get_pac() used to download proxy.pac proxy auto-configuration file. A malicious host hosting proxy.pac, or a man in the middle attacker, could use this flaw to trigger a stack-based buffer overflow in an application using libproxy, if proxy configuration instructed it to download proxy.pac file from a remote HTTP server.


Discovery 2012-10-10
Entry 2016-01-17
Modified 2016-01-18
libproxy
ge 0.4.0 lt 0.4.6_1

libproxy-gnome
ge 0.4.0 lt 0.4.6_2

libproxy-kde
ge 0.4.0 lt 0.4.6_6

libproxy-perl
ge 0.4.0 lt 0.4.6_3

libproxy-webkit
ge 0.4.0 lt 0.4.6_4

CVE-2012-4504
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504
http://www.openwall.com/lists/oss-security/2012/10/12/1
https://github.com/libproxy/libproxy/commit/c440553c12836664afd24a24fb3a4d10a2facd2c
https://bugzilla.redhat.com/show_bug.cgi?id=864417
https://groups.google.com/forum/?fromgroups=#!topic/libproxy/VxZ8No7mT0E