Published: 10/02/2015 Updated: 04/03/2015

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple use-after-free vulnerabilities in Privoxy prior to 3.0.22 allow remote malicious users to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free complaints made by Coverity scan." NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
privoxy privoxy

Debian Bug report logs - #775167 privoxy: CVE-2015-1030 CVE-2015-1031 Package: privoxy; Maintainer for privoxy is Roland Rosenfeld <roland@debianorg>; Source for privoxy is src:privoxy (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Mon, 12 Jan 2015 06:03:02 UTC Severity: grave Tags: fi ...

Multiple use-after-frees were discovered in Privoxy, a privacy-enhancing HTTP proxy For the stable distribution (wheezy), this problem has been fixed in version 3019-2+deb7u1 For the upcoming stable distribution (jessie), this problem will be fixed soon For the unstable distribution (sid), this problem has been fixed in version 3021-5 We re ...

NVD-CWE-Other http://secunia.com/advisories/62123 http://www.privoxy.org/announce.txt http://www.openwall.com/lists/oss-security/2015/01/11/1 http://www.debian.org/security/2015/dsa-3133 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775167 https://nvd.nist.gov https://www.debian.org/security/./dsa-3133

CVE-2015-1031

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect