Description

HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values."

Remediation

References

CVE-2014-3609

Related Vulnerabilities

Apache HTTP Server Insertion of Sensitive Information into Log File Vulnerability (CVE-2001-1556)

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-16862)

WordPress Plugin My Calendar Cross-Site Scripting (2.4.18)

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22871)

ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-4753)

Severity

Medium

Classification

CVE-2014-3609 CWE-20

Tags

Missing Update Known Vulnerabilities