CVE-2005-1109 — Internet Junkbuster vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

3.3%

top 12.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Junkbuster Internet Junkbuster Debian Privoxy

Timeline

PublishedMay 2

Latest updateMay 1

Description

The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via heap corruption.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDjunkbuster/internet_junkbuster2.0.1, 2.0.2, 2.0.2_r2+2

▶debiandebian/privoxy

Patches

Patch: bugs.gentoo.org ↗Patch: www.debian.org ↗Patch: www.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-g6m4-h5xc-jf72: The filtering of URLs in JunkBuster before 2↗2022-05-01

▶

📋Vendor Advisories

Debian

CVE-2005-1109: privoxy - The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote attackers to c...↗2005

▶