Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2005-4077

Опубликовано: 08 дек. 2005
Источник: nvd
CVSS2: 4.6
EPSS Низкий

Описание

Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?" separator in the hostname portion, which causes a "/" to be prepended to the resulting string.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:daniel_stenberg:curl:7.11.2:*:*:*:*:*:*:*
cpe:2.3:a:daniel_stenberg:curl:7.12:*:*:*:*:*:*:*
cpe:2.3:a:daniel_stenberg:curl:7.12.1:*:*:*:*:*:*:*
cpe:2.3:a:daniel_stenberg:curl:7.12.2:*:*:*:*:*:*:*
cpe:2.3:a:daniel_stenberg:curl:7.12.3:*:*:*:*:*:*:*
cpe:2.3:a:daniel_stenberg:curl:7.13:*:*:*:*:*:*:*
cpe:2.3:a:daniel_stenberg:curl:7.13.1:*:*:*:*:*:*:*
cpe:2.3:a:daniel_stenberg:curl:7.13.2:*:*:*:*:*:*:*
cpe:2.3:a:daniel_stenberg:curl:7.14:*:*:*:*:*:*:*
cpe:2.3:a:daniel_stenberg:curl:7.14.1:*:*:*:*:*:*:*
cpe:2.3:a:daniel_stenberg:curl:7.15:*:*:*:*:*:*:*

EPSS

Процентиль: 50%
0.00266
Низкий

4.6 Medium

CVSS2

Дефекты

CWE-189

Связанные уязвимости

ubuntu логотип

CVE-2005-4077

ubuntu
больше 19 лет назад

Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?" separator in the hostname portion, which causes a "/" to be prepended to the resulting string.

redhat логотип

CVE-2005-4077

redhat
больше 19 лет назад

Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?" separator in the hostname portion, which causes a "/" to be prepended to the resulting string.

debian логотип

CVE-2005-4077

debian
больше 19 лет назад

Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 throug ...

github логотип

GHSA-c4xg-24hh-cq78

github
больше 3 лет назад

Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?" separator in the hostname portion, which causes a "/" to be prepended to the resulting string.

fstec логотип

BDU:2015-09491

fstec
больше 19 лет назад

Уязвимости операционной системы Gentoo Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 50%
0.00266
Низкий

4.6 Medium

CVSS2

Дефекты

CWE-189