Back to CVE Browser

CVE-2002-0847

HIGH

7.5

CVSS Severity Score

EPSS Score0.0980%

EPSS Percentile6.62th

PublishedAug 12, 2002

Last ModifiedApr 16, 2026

Vulnerability Description

tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).

Affected Platforms (CPE)

📦

Tinyproxy

Tinyproxy

= 1.3.2

📦

Tinyproxy

Tinyproxy

= 1.3.3

📦

Tinyproxy

Tinyproxy

= 1.4.3

References & Advisories

🔗 http://sourceforge.net/project/shownotes.php?release_id=88790

🔗 http://www.iss.net/security_center/static/9079.php

🔗 http://www.securityfocus.com/bid/4731

🔗 https://www.debian.org/security/2002/dsa-145

🔗 http://sourceforge.net/project/shownotes.php?release_id=88790

🔗 http://www.iss.net/security_center/static/9079.php

🔗 http://www.securityfocus.com/bid/4731

🔗 https://www.debian.org/security/2002/dsa-145

Related Vulnerabilities

CVE-2001-012910.0

Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execut...

CVE-2011-18436.8

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opport...

CVE-2017-117475.5

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account,...

CVE-2012-35055.0

Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via (1) a large numb...