Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the http_proxy environment variable or a PAC file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libproxy project libproxy 0.3.1 |