cbcvebase.
CVE-2016-4052
published 2016-04-25

CVE-2016-4052: Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute…

PriorityP353high8.1CVSS 3.0
AVNACHPRNUINSUCHIHAH
EPSS
12.87%
95.8th percentile
Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses.

Affected

145 ranges· showing 25
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debiansquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid

CVSS provenance

nvdv3.08.1HIGHCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv8.2HIGH
vendor_ubuntu8.2HIGH
vendor_debian8.1LOW
vendor_redhat8.1HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.