CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2002-0847

HIGH
7.5
CVSS Severity Score
EPSS Score0.0980%
EPSS Percentile6.62th
Published2002年8月12日
Last Modified2026年4月16日

Vulnerability Description

tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).

Affected Platforms (CPE)

📦
Tinyproxy

Tinyproxy

= 1.3.2
📦
Tinyproxy

Tinyproxy

= 1.3.3
📦
Tinyproxy

Tinyproxy

= 1.4.3

References & Advisories

🔗 http://sourceforge.net/project/shownotes.php?release_id=88790
🔗 http://www.iss.net/security_center/static/9079.php
🔗 http://www.securityfocus.com/bid/4731
🔗 https://www.debian.org/security/2002/dsa-145
🔗 http://sourceforge.net/project/shownotes.php?release_id=88790
🔗 http://www.iss.net/security_center/static/9079.php
🔗 http://www.securityfocus.com/bid/4731
🔗 https://www.debian.org/security/2002/dsa-145

相關漏洞威脅

CVE-2001-012910.0

Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execut...

CVE-2011-18436.8

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opport...

CVE-2017-117475.5

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account,...

CVE-2012-35055.0

Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via (1) a large numb...