CVE-2016-4054
Description
Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
Risk Information
Base Score
8.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
82.68
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Web proxy cache server (USN-2995-1) squid3_3.3.8-1ubuntu6.8_i386.deb | Linux |
| Web proxy cache server (USN-2995-1) squid3_3.3.8-1ubuntu16.3_i386.deb | Linux |
| Web proxy cache server (USN-2995-1) squid3_3.3.8-1ubuntu16.3_amd64.deb | Linux |
| Web proxy cache server (USN-2995-1) squid-cgi_3.3.8-1ubuntu16.3_i386.deb | Linux |
| Web proxy cache server (USN-2995-1) squid-cgi_3.3.8-1ubuntu16.3_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234