SUSE Linux Security Vulnerability: CVE-2012-4505
10
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
11/11/2012
07/25/2018
12/12/2013
07/04/2017
Description
Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504.
Solution(s)
- suse-upgrade-libproxy
- suse-upgrade-libproxy-debugsource
- suse-upgrade-libproxy-devel
- suse-upgrade-libproxy-plugins
- suse-upgrade-libproxy-plugins-debugsource
- suse-upgrade-libproxy-sharp
- suse-upgrade-libproxy-tools
- suse-upgrade-libproxy-tools-debuginfo
- suse-upgrade-libproxy0
- suse-upgrade-libproxy0-32bit
- suse-upgrade-libproxy0-config-gnome
- suse-upgrade-libproxy0-config-gnome-32bit
- suse-upgrade-libproxy0-config-kde4
- suse-upgrade-libproxy0-networkmanager
- suse-upgrade-libproxy0-networkmanager-32bit
- suse-upgrade-libproxy0-x86
- suse-upgrade-libproxy1
- suse-upgrade-libproxy1-32bit
- suse-upgrade-libproxy1-config-gnome3
- suse-upgrade-libproxy1-config-gnome3-32bit
- suse-upgrade-libproxy1-config-gnome3-debuginfo
- suse-upgrade-libproxy1-config-gnome3-debuginfo-32bit
- suse-upgrade-libproxy1-config-gnome3-debuginfo-x86
- suse-upgrade-libproxy1-config-gnome3-x86
- suse-upgrade-libproxy1-config-kde4
- suse-upgrade-libproxy1-config-kde4-32bit
- suse-upgrade-libproxy1-config-kde4-debuginfo
- suse-upgrade-libproxy1-config-kde4-debuginfo-32bit
- suse-upgrade-libproxy1-config-kde4-debuginfo-x86
- suse-upgrade-libproxy1-config-kde4-x86
- suse-upgrade-libproxy1-debuginfo
- suse-upgrade-libproxy1-debuginfo-32bit
- suse-upgrade-libproxy1-debuginfo-x86
- suse-upgrade-libproxy1-networkmanager
- suse-upgrade-libproxy1-networkmanager-32bit
- suse-upgrade-libproxy1-networkmanager-debuginfo
- suse-upgrade-libproxy1-networkmanager-debuginfo-32bit
- suse-upgrade-libproxy1-networkmanager-debuginfo-x86
- suse-upgrade-libproxy1-networkmanager-x86
- suse-upgrade-libproxy1-pacrunner-mozjs
- suse-upgrade-libproxy1-pacrunner-mozjs-32bit
- suse-upgrade-libproxy1-pacrunner-mozjs-debuginfo
- suse-upgrade-libproxy1-pacrunner-mozjs-debuginfo-32bit
- suse-upgrade-libproxy1-pacrunner-mozjs-debuginfo-x86
- suse-upgrade-libproxy1-pacrunner-mozjs-x86
- suse-upgrade-libproxy1-pacrunner-webkit
- suse-upgrade-libproxy1-pacrunner-webkit-32bit
- suse-upgrade-libproxy1-pacrunner-webkit-debuginfo
- suse-upgrade-libproxy1-pacrunner-webkit-debuginfo-32bit
- suse-upgrade-libproxy1-pacrunner-webkit-debuginfo-x86
- suse-upgrade-libproxy1-pacrunner-webkit-x86
- suse-upgrade-libproxy1-x86
- suse-upgrade-perl-net-libproxy
- suse-upgrade-perl-net-libproxy-debuginfo
- suse-upgrade-python-libproxy
- suse-upgrade-sle-sdk-release
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center