The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-09-30T20:00:00Z

Updated: 2024-08-06T15:13:33.008Z

Reserved: 2013-02-19T00:00:00Z

Link: CVE-2013-1839

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-09-30T22:55:04.633

Modified: 2024-11-21T01:50:29.613

Link: CVE-2013-1839

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-03-05T00:00:00Z

Links: CVE-2013-1839 - Bugzilla