CVE-2009-3305
Pps.jussieu Polipo - Improper Input Validation
Title source: ruleDescription
Polipo 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a Cache-Control header that lacks a value for the max-age field, which triggers a segmentation fault in the httpParseHeaders function in http_parse.c, and possibly other unspecified vectors.
Exploits (1)
References (6)
Scores
EPSS
0.1172
EPSS Percentile
93.7%
Details
CWE
CWE-20
Status
published
Products (1)
pps.jussieu/polipo
1.0.4
Published
Dec 24, 2009
Tracked Since
Feb 18, 2026