Description
parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.
References (8)
Core 8
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/01/26/4
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62899
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3145
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62775
Product x_refsource_confirm
http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/ChangeLog?revision=1.197&view=markup
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/01/27/20
Product x_refsource_confirm
http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.297&r2=1.298
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-02/msg00031.html
Scores
EPSS
0.0189
EPSS Percentile
83.5%
Details
CWE
CWE-20
Status
published
Products (4)
debian/debian_linux
7.0
opensuse/opensuse
13.1
opensuse/opensuse
13.2
privoxy/privoxy
< 3.0.22
Published
Feb 03, 2015
Tracked Since
Feb 18, 2026