Title: libproxy url::get_pac() Function proxy.pac Auto-Configuration File Handling Remote Overflow
Oct 22, 2012
libproxy is prone to an overflow condition. The url::get_pac() function fails to properly sanitize user-supplied input during the parsing of the proxy.pac auto-configuration file, which will reuslt in a stack-based buffer overflow. With a specially crafted auto-configuration file, a context-dependent attacker can potentially execute arbitrary code via a man-in-the-middle attack.