CVE-2012-4505

Common Vulnerabilities and Exposures

Upstream information

CVE-2012-4505 at MITRE

Description

Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504.

NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 784523

SUSE Security Advisories:

openSUSE-SU-2012:1375-1, published Mon, 22 Oct 2012 12:08:31 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Software Development Kit 11 SP2	`libproxy-devel >= 0.3.1-2.6.1`	sle11-sp2-sdk.ppc sle11-sp2-sdk.x86-64 sles11-sp2-vmware.x86 sled11-sp2.x86-64 sles11-sp2.ppc sles11-sp2.s390x sled11-sp2.x86 sles11-sp2-vmware.x86-64 sles11-sp2.x86 sle11-sp2-sdk.x86 sle11-sp2-sdk.ia64 sle11-sp2-sdk.s390x sles11-sp2.ia64 sles11-sp2.x86-64 SAT Patch Nr: 7092
SUSE Linux Enterprise Desktop 11 SP2	`libproxy0 >= 0.3.1-2.6.1` `libproxy0-32bit >= 0.3.1-2.6.1` `libproxy0-config-gnome >= 0.3.1-2.6.3` `libproxy0-config-gnome-32bit >= 0.3.1-2.6.3` `libproxy0-config-kde4 >= 0.3.1-2.6.3` `libproxy0-networkmanager >= 0.3.1-2.6.3` `libproxy0-networkmanager-32bit >= 0.3.1-2.6.3`	sle11-sp2-sdk.ppc sle11-sp2-sdk.x86-64 sles11-sp2-vmware.x86 sled11-sp2.x86-64 sles11-sp2.ppc sles11-sp2.s390x sled11-sp2.x86 sles11-sp2-vmware.x86-64 sles11-sp2.x86 sle11-sp2-sdk.x86 sle11-sp2-sdk.ia64 sle11-sp2-sdk.s390x sles11-sp2.ia64 sles11-sp2.x86-64 SAT Patch Nr: 7092
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware	`libproxy0 >= 0.3.1-2.6.1` `libproxy0-config-gnome >= 0.3.1-2.6.3` `libproxy0-config-kde4 >= 0.3.1-2.6.3` `libproxy0-networkmanager >= 0.3.1-2.6.3`	sle11-sp2-sdk.ppc sle11-sp2-sdk.x86-64 sles11-sp2-vmware.x86 sled11-sp2.x86-64 sles11-sp2.ppc sles11-sp2.s390x sled11-sp2.x86 sles11-sp2-vmware.x86-64 sles11-sp2.x86 sle11-sp2-sdk.x86 sle11-sp2-sdk.ia64 sle11-sp2-sdk.s390x sles11-sp2.ia64 sles11-sp2.x86-64 SAT Patch Nr: 7092
SUSE Linux Enterprise Server 11 SP2	`libproxy0 >= 0.3.1-2.6.1` `libproxy0-config-gnome >= 0.3.1-2.6.3` `libproxy0-config-kde4 >= 0.3.1-2.6.3` `libproxy0-networkmanager >= 0.3.1-2.6.3` `libproxy0-x86 >= 0.3.1-2.6.1`	sle11-sp2-sdk.ppc sle11-sp2-sdk.x86-64 sles11-sp2-vmware.x86 sled11-sp2.x86-64 sles11-sp2.ppc sles11-sp2.s390x sled11-sp2.x86 sles11-sp2-vmware.x86-64 sles11-sp2.x86 sle11-sp2-sdk.x86 sle11-sp2-sdk.ia64 sle11-sp2-sdk.s390x sles11-sp2.ia64 sles11-sp2.x86-64 SAT Patch Nr: 7092
SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware	`libproxy0 >= 0.3.1-2.6.1` `libproxy0-32bit >= 0.3.1-2.6.1` `libproxy0-config-gnome >= 0.3.1-2.6.3` `libproxy0-config-kde4 >= 0.3.1-2.6.3` `libproxy0-networkmanager >= 0.3.1-2.6.3`	sle11-sp2-sdk.ppc sle11-sp2-sdk.x86-64 sles11-sp2-vmware.x86 sled11-sp2.x86-64 sles11-sp2.ppc sles11-sp2.s390x sled11-sp2.x86 sles11-sp2-vmware.x86-64 sles11-sp2.x86 sle11-sp2-sdk.x86 sle11-sp2-sdk.ia64 sle11-sp2-sdk.s390x sles11-sp2.ia64 sles11-sp2.x86-64 SAT Patch Nr: 7092

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy