Description

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.

Remediation

References

CVE-2016-4053

Related Vulnerabilities

Claroline Other Vulnerability (CVE-2006-2284)

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-5594)

WordPress Plugin Events Made Easy SQL Injection (2.2.35)

Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003004)

WordPress Plugin MediaPress Security Bypass (1.1.9)

Severity

Low

Classification

CVE-2016-4053 CWE-119 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities