CVE-2012-5580

描述

Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the http_proxy environment variable or a PAC file.

受影響套件(1)

• Debian/libproxyfrom 0, < 0.3.1-4

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-5580