Description
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header size, related to (a) HttpMsg.cc and (b) client_side.cc.
Remediation
References
Related Vulnerabilities
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8393)
WordPress Plugin Amelia-Events & Appointments Booking Calendar Cross-Site Scripting (1.0.46)
WordPress Plugin IzeeChat-Live Chat Cross-Site Scripting (1.0)
MySQL Use of Externally-Controlled Format String Vulnerability (CVE-2009-2446)