Page 4 of 19 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library. curl y libcurl en versiones anteriores a la 7.57.0 en plataformas de 32 bits permiten que los atacantes provoquen una denegación de servicio (acceso fuera de límites y cierre inesperado de la aplicación) o, posiblemente, provoquen otro impacto porque se asigna demasiado poca memoria para interconectarse con una librería SSL. • http://security.cucumberlinux.com/security/details.php?id=163 http://www.securityfocus.com/bid/102014 http://www.securitytracker.com/id/1039898 https://curl.haxx.se/docs/adv_2017-af0a.html https://security.gentoo.org/glsa/201712-04 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 4%CPEs: 4EXPL: 0

The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields. La característica de autenticación NTLM en curl y libcurl en versiones anteriores a la 7.57.0 en plataformas de 32-bits permite que los atacantes provoquen una denegación de servicio (desbordamiento de enteros y desbordamiento de búfer resultante, y cierre inesperado de la aplicación) o que, posiblemente, causen otro tipo de impacto sin especificar mediante vectores relacionados con campos user y password largos. • http://security.cucumberlinux.com/security/details.php?id=161 http://www.securityfocus.com/bid/101998 http://www.securitytracker.com/id/1039896 http://www.securitytracker.com/id/1040608 https://access.redhat.com/errata/RHSA-2018:3558 https://curl.haxx.se/docs/adv_2017-12e7.html https://security.gentoo.org/glsa/201712-04 https://www.debian.org/security/2017/dsa-4051 https://access.redhat.com/security/cve/CVE-2017-8816 https://bugzilla.redhat.com/show_bug.cgi?id=1515757 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •

CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character. La función FTP wildcard en curl y libcurl en versiones anteriores a la 7.57.0 permite que atacantes remotos provoquen una denegación de servicio (lectura fuera de límites y cierre inesperado de aplicación) o, probablemente, causen cualquier otro tipo de impacto mediante una cadena que termina con un carácter "[". • http://security.cucumberlinux.com/security/details.php?id=162 http://www.securityfocus.com/bid/102057 http://www.securitytracker.com/id/1039897 https://access.redhat.com/errata/RHSA-2018:3558 https://curl.haxx.se/docs/adv_2017-ae72.html https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html https://security.gentoo.org/glsa/201712-04 https://www.debian.org/security/2017/dsa-4051 https://access.redhat.com/security/cve/CVE-2017-8817 https://bugzilla.redhat.com& • CWE-125: Out-of-bounds Read •

CVSS: 9.1EPSS: 2%CPEs: 3EXPL: 0

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded. Una línea de respuesta IMAP FETCH indica el tamaño de los datos devueltos en número de bytes. Cuando una respuesta indica que el tamaño de los datos es cero bytes, libcurl pasaría esos datos (inexistentes) con un puntero y el tamaño (cero) a la función deliver-data. • http://www.debian.org/security/2017/dsa-4007 http://www.securityfocus.com/bid/101519 http://www.securitytracker.com/id/1039644 https://access.redhat.com/errata/RHSA-2017:3263 https://access.redhat.com/errata/RHSA-2018:2486 https://access.redhat.com/errata/RHSA-2018:3558 https://curl.haxx.se/docs/adv_20171023.html https://security.gentoo.org/glsa/201712-04 https://access.redhat.com/security/cve/CVE-2017-1000257 https://bugzilla.redhat.com/show_bug.cgi?id=1503705 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •