Lucene search

[email protected]NVD:CVE-2013-2503

HistoryMar 11, 2013 - 5:55 p.m.

CVE-2013-2503

2013-03-1117:55:01

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

7.3

Confidence

High

EPSS

0.014

Percentile

86.6%

JSON

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.

Affected configurations

Nvd

Node

privoxyprivoxyRange≤3.0.20beta

privoxyprivoxyMatch2.9.0pre-alpha

privoxyprivoxyMatch2.9.1pre-alpha

privoxyprivoxyMatch2.9.2pre-alpha

privoxyprivoxyMatch2.9.3pre-alpha

privoxyprivoxyMatch2.9.11alpha

privoxyprivoxyMatch2.9.11beta

privoxyprivoxyMatch2.9.11pre-alpha

privoxyprivoxyMatch2.9.12beta

privoxyprivoxyMatch2.9.13beta

privoxyprivoxyMatch2.9.14beta

privoxyprivoxyMatch2.9.16

privoxyprivoxyMatch2.9.18

privoxyprivoxyMatch3.0

privoxyprivoxyMatch3.0.2

privoxyprivoxyMatch3.0.3

privoxyprivoxyMatch3.0.5beta

privoxyprivoxyMatch3.0.6

privoxyprivoxyMatch3.0.7beta

privoxyprivoxyMatch3.0.8

privoxyprivoxyMatch3.0.9beta

privoxyprivoxyMatch3.0.10

privoxyprivoxyMatch3.0.11

privoxyprivoxyMatch3.0.12

privoxyprivoxyMatch3.0.13beta

privoxyprivoxyMatch3.0.14beta

privoxyprivoxyMatch3.0.15beta

privoxyprivoxyMatch3.0.16

privoxyprivoxyMatch3.0.17

privoxyprivoxyMatch3.0.18

privoxyprivoxyMatch3.0.19

VendorProductVersionCPE
privoxyprivoxy*cpe:2.3:a:privoxy:privoxy:*:beta:*:*:*:*:*:*
privoxyprivoxy2.9.0cpe:2.3:a:privoxy:privoxy:2.9.0:pre-alpha:*:*:*:*:*:*
privoxyprivoxy2.9.1cpe:2.3:a:privoxy:privoxy:2.9.1:pre-alpha:*:*:*:*:*:*
privoxyprivoxy2.9.2cpe:2.3:a:privoxy:privoxy:2.9.2:pre-alpha:*:*:*:*:*:*
privoxyprivoxy2.9.3cpe:2.3:a:privoxy:privoxy:2.9.3:pre-alpha:*:*:*:*:*:*
privoxyprivoxy2.9.11cpe:2.3:a:privoxy:privoxy:2.9.11:alpha:*:*:*:*:*:*
privoxyprivoxy2.9.11cpe:2.3:a:privoxy:privoxy:2.9.11:beta:*:*:*:*:*:*
privoxyprivoxy2.9.11cpe:2.3:a:privoxy:privoxy:2.9.11:pre-alpha:*:*:*:*:*:*
privoxyprivoxy2.9.12cpe:2.3:a:privoxy:privoxy:2.9.12:beta:*:*:*:*:*:*
privoxyprivoxy2.9.13cpe:2.3:a:privoxy:privoxy:2.9.13:beta:*:*:*:*:*:*

Vendor	Product	Version	CPE
privoxy	privoxy	*	cpe:2.3:a:privoxy:privoxy::beta::::::*
privoxy	privoxy	2.9.0	cpe:2.3:a:privoxy:privoxy:2.9.0:pre-alpha::::::
privoxy	privoxy	2.9.1	cpe:2.3:a:privoxy:privoxy:2.9.1:pre-alpha::::::
privoxy	privoxy	2.9.2	cpe:2.3:a:privoxy:privoxy:2.9.2:pre-alpha::::::
privoxy	privoxy	2.9.3	cpe:2.3:a:privoxy:privoxy:2.9.3:pre-alpha::::::
privoxy	privoxy	2.9.11	cpe:2.3:a:privoxy:privoxy:2.9.11:alpha::::::
privoxy	privoxy	2.9.11	cpe:2.3:a:privoxy:privoxy:2.9.11:beta::::::
privoxy	privoxy	2.9.11	cpe:2.3:a:privoxy:privoxy:2.9.11:pre-alpha::::::
privoxy	privoxy	2.9.12	cpe:2.3:a:privoxy:privoxy:2.9.12:beta::::::
privoxy	privoxy	2.9.13	cpe:2.3:a:privoxy:privoxy:2.9.13:beta::::::