
cURL Buffer Overflow Vulnerability

Last Update Date: 14 Feb 2013 17:42
Release Date: 14 Feb 2013

RISK: High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

A vulnerability has been identified in cURL. A remote user can execute arbitrary code on the target system.

 

A remote server can return specially crafted data via POP3, SMTP, or IMAP to trigger a buffer overflow in Curl_sasl_create_digest_md5_message() and execute arbitrary code on the target system.


Impact

  • Remote Code Execution
  • LAN Based Remote Code Execution

System / Technologies affected

  • cURL version 7.26.0 - 7.28.1
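
A check for the affected range above, as an added example that is not part of the original advisory or the cURL project: it classifies the output of `curl --version` by libcurl version (7.26.0 - 7.28.1) and by whether the build lists POP3, SMTP or IMAP support. The function name, result strings and sample outputs are constructed for illustration; preferring the libcurl version token and counting the TLS variants (pop3s, smtps, imaps) are assumptions.

```shell
# Added example (not from the advisory): classify `curl --version` output.
# Results: affected | in-range-no-mail-protocols | not-affected | unknown
check_curl_advisory() {
    # $1 = full text of `curl --version`
    printf '%s\n' "$1" | awk '
        NR == 1 {
            ver = $2                               # tool version as fallback
            for (i = 1; i <= NF; i++)              # assumption: prefer libcurl/X.Y.Z,
                if (index($i, "libcurl/") == 1)    # since the flaw is in the library
                    ver = substr($i, 9)
            sub(/-.*/, "", ver)                    # drop suffixes such as -DEV
            if (ver !~ /^[0-9]+\.[0-9]+\.[0-9]+$/) { ver = ""; next }
            split(ver, p, ".")
            num = p[1] * 1000000 + p[2] * 1000 + p[3]
            hit = (num >= 7026000 && num <= 7028001)   # 7.26.0 - 7.28.1 inclusive
        }
        /^Protocols:/ {
            # Assumption: the TLS variants (pop3s, smtps, imaps) count as well.
            for (i = 2; i <= NF; i++)
                if ($i ~ /^(pop3|smtp|imap)s?$/) mail = 1
        }
        END {
            if (ver == "")  print "unknown"
            else if (!hit)  print "not-affected"
            else if (mail)  print "affected"
            else            print "in-range-no-mail-protocols"
        }'
}

# Constructed sample outputs (not captured from real hosts).
SAMPLE_VULN='curl 7.28.1 (x86_64-pc-linux-gnu) libcurl/7.28.1 OpenSSL/1.0.1c zlib/1.2.7
Protocols: dict file ftp ftps http https imap imaps pop3 pop3s smtp smtps
Features: IPv6 Largefile NTLM SSL libz'

SAMPLE_HTTP_ONLY='curl 7.27.0 (x86_64-pc-linux-gnu) libcurl/7.27.0 zlib/1.2.7
Protocols: file ftp http
Features: IPv6 Largefile libz'

SAMPLE_NEWER='curl 7.29.0 (x86_64-pc-linux-gnu) libcurl/7.29.0 OpenSSL/1.0.1c zlib/1.2.7
Protocols: http https imap pop3 smtp
Features: IPv6 Largefile SSL libz'

for s in "$SAMPLE_VULN" "$SAMPLE_HTTP_ONLY" "$SAMPLE_NEWER"; do
    check_curl_advisory "$s"
done
# On a real host: check_curl_advisory "$(curl --version)"
```

Applications that link libcurl directly do not appear in the command-line tool's output and need their own library version checked.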

Solutions

Before installing the software, please visit the software manufacturer's website for more details.


Vulnerability Identifier


Source


Related Link