tinyproxy HTTP Proxy Memory Corruption Vulnerability

info
discussion
exploit
solution
references

tinyproxy HTTP Proxy Memory Corruption Vulnerability

tinyproxy HTTP Proxy is a small HTTP proxy.

A vulnerability has been reported in the handling of some invalid proxy requests by tinyproxy. Under some circumstances, an invalid request may result in a allocated memory being freed twice. Execution of arbitrary code may be possible.