Summary
Multiple use-after-frees were discovered
in Privoxy, a privacy-enhancing HTTP proxy.
Solution
For the stable distribution (wheezy),
this problem has been fixed in version 3.0.19-2+deb7u1.
For the upcoming stable distribution (jessie), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 3.0.21-5.
We recommend that you upgrade your privoxy packages.
Insight
Privoxy is a web proxy with advanced
filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has application for both stand-alone systems and multi-user networks.
Affected
privoxy on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2015-1031 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities