Description

The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.

Remediation

References

CVE-2014-7141

Related Vulnerabilities

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8057)

Oracle JRE CVE-2018-2678 Vulnerability (CVE-2018-2678)

WordPress Plugin Vertical SlideShow Arbitrary File Upload (2.3)

Apache HTTP Server Improper Locking Vulnerability (CVE-2009-2699)

SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-38024)

Severity

Medium

Classification

CVE-2014-7141

Tags

Missing Update Known Vulnerabilities