CVE-2009-3305
Priority
Medium
Description
Polipo 1.0.4, and possibly other versions, allows remote attackers to cause
a denial of service (crash) via a request with a Cache-Control header that
lacks a value for the max-age field, which triggers a segmentation fault in
the httpParseHeaders function in http_parse.c, and possibly other
unspecified vectors.
a denial of service (crash) via a request with a Cache-Control header that
lacks a value for the max-age field, which triggers a segmentation fault in
the httpParseHeaders function in http_parse.c, and possibly other
unspecified vectors.
Package
| Upstream: | released (1.0.4-1.1) |
| Ubuntu 8.04 LTS (Hardy Heron): | released (1.0.4-1+lenny1build0.8.04.1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected |