CVE-2016-3947
high-risk
Published 2016-04-07
Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet.
Do I need to act?
!
75.4% chance of exploitation in next 30 days
EPSS score — higher than 25% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.2/10
High
NETWORK
/ LOW complexity
Affected Products (12)
Affected Vendors
References (24)
Vendor Advisory
http://www.squid-cache.org/Advisories/SQUID-2016_3.txt
Vendor Advisory
http://www.squid-cache.org/Advisories/SQUID-2016_3.txt
and 4 more references
65
/ 100
high-risk
Severity
28/34 · Critical
Exploitability
20/34 · Moderate
Exposure
17/34 · Moderate