This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Pps.Jussieu | First view | 2009-09-09 |
| Product | Polipo | Last view | 2009-12-24 |
| Version | 0.9.8 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:pps.jussieu:polipo | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2009-12-24 | CVE-2009-4413 | The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12, 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a large Content-Length value, which triggers an integer overflow, a signed-to-unsigned conversion error with a negative value, and a segmentation fault. |
| 5 | 2009-09-09 | CVE-2008-7191 | Unspecified vulnerability in Polipo before 1.0.4 allows remote attackers to cause a denial of service (crash) via a long request URL. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-189 | Numeric Errors |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 60808 | Polipo client.c httpClientDiscardBody() Function Signedness Error Remote DoS |
| 39912 | Polipo Large URL Handling Remote DoS |
OpenVAS Exploits
| id | Description |
|---|---|
| 2009-12-08 | Name : Polipo Malformed HTTP GET Request Memory Corruption Vulnerability File : nvt/polipo_37226.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2010-02-24 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2002.nasl - Type: ACT_GATHER_INFO |
