Описание
ELSA-2013-0983: curl security update (MODERATE)
[7.19.7-37]
- fix heap-based buffer overflow in curl_easy_unescape() (CVE-2013-2174)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
curl
7.15.5-17.el5_9
curl-devel
7.15.5-17.el5_9
Oracle Linux x86_64
curl
7.15.5-17.el5_9
curl-devel
7.15.5-17.el5_9
Oracle Linux i386
curl
7.15.5-17.el5_9
curl-devel
7.15.5-17.el5_9
Oracle Linux 6
Oracle Linux x86_64
curl
7.19.7-37.el6_4
libcurl
7.19.7-37.el6_4
libcurl-devel
7.19.7-37.el6_4
Oracle Linux i686
curl
7.19.7-37.el6_4
libcurl
7.19.7-37.el6_4
libcurl-devel
7.19.7-37.el6_4
Связанные CVE
Связанные уязвимости
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.
Heap-based buffer overflow in the curl_easy_unescape function in lib/e ...
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.