Lucene search
HistoryApr 02, 2003 - 5:00 a.m.
CVE-2002-0847
cve-2002-0847
tinyproxy
http proxy
remote attackers
arbitrary code
memory
double-free
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.6%
tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).
Affected configurations
Node
tinyproxytinyproxyMatch1.3.2
ORtinyproxytinyproxyMatch1.3.3
ORtinyproxytinyproxyMatch1.4.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| tinyproxy:tinyproxy | tinyproxy | eq | 1.3.2 |
| tinyproxy:tinyproxy | tinyproxy | eq | 1.3.3 |
| tinyproxy:tinyproxy | tinyproxy | eq | 1.4.3 |
Related
openvas
openvas
Debian: Security Advisory (DSA-145)
2008-01-17 00:00:00
Debian Security Advisory DSA 145-1 (tinyproxy)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2002-0847
2003-04-02 05:00:00
debiancve
debiancve
CVE-2002-0847
2003-04-02 05:00:00
nvd
nvd
CVE-2002-0847
2002-08-12 04:00:00
osv
osv
tinyproxy - doubly freed memory
2002-08-07 00:00:00
nessus
nessus
Debian DSA-145-1 : tinyproxy - doubly freed memory
2004-09-29 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.6%
Related for CVE-2002-0847