CVE-2007-6239

EPSS 9.0%

squid - array bounds check

Published: 12/4/2007Modified: 4/28/2026

Description

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.

Affected packages (3)

Debian/squidfrom 0, < 2.6.17-1
Debian/squidfrom 0, < 2.6.5-6etch1
Debian/squidfrom 0, < 2.6.5-6etch4

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-6239