Red Hat Customer Portal

CVE-2012-4505

Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504.

Details Source

Mitre

Public Date

2012-10-12 00:00:00

Impact

Moderate

Bugzilla

CVE-2012-4505 libproxy: PAC handling insufficient content length check leading to buffer overflow

Bugzilla ID

864612

CVSS Status

verified

Base Score

5.10

Base Metrics

AV:N/AC:H/Au:N/C:P/I:P/A:P

Acknowledgements

This issue was discovered by the Red Hat Security Response Team.

Red Hat Security Errata

Platform | Errata | Release Date
Red Hat Enterprise Linux 6 (libproxy) | RHSA-2012:1461 | 2012-11-14