Description

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.

Remediation

References

CVE-2016-10003

Related Vulnerabilities

WordPress Plugin Simple Gmail Login Stack Trace Information Disclosure (1.1.3)

Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4554)

Oracle Application Server Improper Authentication Vulnerability (CVE-2002-0563)

Oracle Database Server CVE-2009-1007 Vulnerability (CVE-2009-1007)

WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.109)

Severity

High

Classification

CVE-2016-10003 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities