A vulnerability has been discovered in CCProxy, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the processing of "CONNECT" requests sent to the HTTP proxy (listening on TCP port 808 by default). This can be exploited to cause a stack-based buffer overflow via a "CONNECT" request having an overly long hostname.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is confirmed in version 6.61. Prior versions may also be affected.