Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP error page generation for certificate errors. A memory leak was discovered in the way Squid handles SNMP denied queries. A remote attacker may use this flaw to exhaust the resources on the server machine