Remote Code Execution Vulnerability in Squid 3.x and 4.x via Crafted ESI Responses

Remote Code Execution Vulnerability in Squid 3.x and 4.x via Crafted ESI Responses

CVE-2016-4054 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.

Learn more about our Web Application Penetration Testing UK.