Launchpad CVE tracker

CVE 2007-6239

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.

Related bugs and status

CVE-2007-6239 (Candidate) is related to these bugs:

Bug #174352: [CVE-2007-6239] squid-2.X and squid-3.x are vulnerable

		In	Importance	Status
174352	[CVE-2007-6239] squid-2.X and squid-3.x are vulnerable	squid (Ubuntu)	Undecided	Fix Released
174352	[CVE-2007-6239] squid-2.X and squid-3.x are vulnerable	squid (Debian)	Unknown	Fix Released
174352	[CVE-2007-6239] squid-2.X and squid-3.x are vulnerable	squid3 (Ubuntu)	Undecided	Invalid
174352	[CVE-2007-6239] squid-2.X and squid-3.x are vulnerable	squid (Ubuntu Edgy)	Undecided	Invalid
174352	[CVE-2007-6239] squid-2.X and squid-3.x are vulnerable	squid3 (Ubuntu Edgy)	Undecided	Invalid
174352	[CVE-2007-6239] squid-2.X and squid-3.x are vulnerable	squid (Ubuntu Feisty)	Undecided	Fix Released
174352	[CVE-2007-6239] squid-2.X and squid-3.x are vulnerable	squid3 (Ubuntu Feisty)	Undecided	Fix Released
174352	[CVE-2007-6239] squid-2.X and squid-3.x are vulnerable	squid (Ubuntu Gutsy)	Undecided	Fix Released
174352	[CVE-2007-6239] squid-2.X and squid-3.x are vulnerable	squid3 (Ubuntu Gutsy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2007-6239

References