Description

Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses.

Remediation

References

CVE-2016-4052

Related Vulnerabilities

WordPress Plugin CMS Tree Page View Security Bypass (1.3.4)

WordPress Plugin Battle Suit for Divi Security Bypass (1.10.1)

Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-30522)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-2578)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11584)

Severity

High

Classification

CVE-2016-4052 CWE-119 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities