Vulnerability Description
Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free complaints made by Coverity scan." NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Privoxy | Privoxy | <= 3.0.21 |
References
- http://secunia.com/advisories/62123
- http://www.debian.org/security/2015/dsa-3133Vendor Advisory
- http://www.openwall.com/lists/oss-security/2015/01/11/1
- http://www.privoxy.org/announce.txtPatchVendor Advisory
- http://secunia.com/advisories/62123
- http://www.debian.org/security/2015/dsa-3133Vendor Advisory
- http://www.openwall.com/lists/oss-security/2015/01/11/1
- http://www.privoxy.org/announce.txtPatchVendor Advisory
FAQ
What is CVE-2015-1031?
CVE-2015-1031 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconf...
How severe is CVE-2015-1031?
CVE-2015-1031 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-1031?
Check the references section above for vendor advisories and patch information. Affected products include: Privoxy Privoxy.