CVE-2009-3305

Priority
Medium
Description
Polipo 1.0.4, and possibly other versions, allows remote attackers to cause
a denial of service (crash) via a request with a Cache-Control header that
lacks a value for the max-age field, which triggers a segmentation fault in
the httpParseHeaders function in http_parse.c, and possibly other
unspecified vectors.
References
Package
Upstream:released (1.0.4-1.1)
Ubuntu 8.04 LTS (Hardy Heron):released (1.0.4-1+lenny1build0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:20:12 UTC (commit 5347)