Published: 02/05/2005 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The filtering of URLs in JunkBuster prior to 2.0.2-r3 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via heap corruption.

Vulnerable Product	Search on Vulmon	Subscribe to Product
junkbuster internet junkbuster 2.0.2
junkbuster internet junkbuster 2.0.2_r2
junkbuster internet junkbuster 2.0.1

Debian Bug report logs - #304793 junkbuster: Attacker might be able to modify settings Package: junkbuster; Maintainer for junkbuster is (unknown); Reported by: Helge Kreutzmann <kreutzm@itpuni-hannoverde> Date: Fri, 15 Apr 2005 14:48:18 UTC Severity: grave Tags: security, woody Found in version 202-02 Fixed in versi ...

Several bugs have been found in junkbuster, a HTTP proxy and filter The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CAN-2005-1108 James Ranson discovered that an attacker can modify the referrer setting with a carefully crafted URL by accidentally overwriting a global variable CAN-2005-1109 ...

NVD-CWE-Other http://www.gentoo.org/security/en/glsa/glsa-200504-11.xml http://bugs.gentoo.org/show_bug.cgi?id=88537 http://www.securityfocus.com/bid/13146 http://www.osvdb.org/15503 http://secunia.com/advisories/14932/http://www.debian.org/security/2005/dsa-713 https://exchange.xforce.ibmcloud.com/vulnerabilities/20094 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=304793 https://nvd.nist.gov https://www.debian.org/security/./dsa-713

CVE-2005-1109

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect