Description

Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.

Remediation

References

CVE-2019-12854

Related Vulnerabilities

WordPress 4.1.x Same Origin Method Execution (SOME) Vulnerability (4.1 - 4.1.10)

WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder SQL Injection (1.29.2)

phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-9850)

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (4.14.7)

WordPress Plugin Export any WordPress data to XML/CSV Arbitrary File Upload (0.9)

Severity

High

Classification

CVE-2019-12854 CWE-119 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities