Loading
Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.
Use CWE-20, Squid vendor hub and Squid product page to widen CVE-2009-0478 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2005-1711, CVE-2005-1519 and CVE-2007-1560 for nearby disclosures in the same product family.