PT-2022-8295 · Pacparser

Ripplehang · Published 2022-12-13 · Updated 2024-02-01 · CVE-2019-25078

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: pacparser versions up to 1.3.x

Description: A vulnerability classified as problematic was found in pacparser, affecting the function pacparser_find_proxy in the file src/pacparser.c. Manipulation of the url argument leads to a buffer overflow. Exploiting this issue requires local access.

Recommendations: For versions up to 1.3.x, upgrade to version 1.4.0 to address this issue. As a temporary workaround, consider restricting the use of the pacparser_find_proxy function until the upgrade is applied.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2019-25078
PYSEC-2022-43062

Affected Products

Debian
Pacparser