CVE-2014-3707

Опубликовано: 05 нояб. 2014

Источник: redhat

CVSS2: 4

Описание

The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.

A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory.

Отчет

This issue does not affect the versions of curl as shipped with Red Hat Enterprise Linux 5. Note that there are no applications provided with Red Hat Enterprise Linux that use the vulnerable CURLOPT_COPYPOSTFIELDS option, except PHP which could only be affected if used in an extremely unlikely scenario or via the script's author.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	curl	Not affected
Red Hat Enterprise Virtualization 3	mingw-virt-viewer	Fix deferred
Red Hat JBoss Enterprise Web Server 1	inktank-1.2-curl	Will not fix
Red Hat Enterprise Linux 6	curl	Fixed	RHSA-2015:1254	20.07.2015
Red Hat Enterprise Linux 7	curl	Fixed	RHSA-2015:2159	19.11.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-125

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=1154941curl: incorrect handle duplication after COPYPOSTFIELDS

4 Medium

CVSS2

Связанные уязвимости

CVE-2014-3707

ubuntu

почти 11 лет назад

CVE-2014-3707

nvd

почти 11 лет назад

CVE-2014-3707

debian

почти 11 лет назад

The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, whe ...

GHSA-x89w-3fj3-7gmx

github

больше 3 лет назад

ELSA-2015-2159

oracle-oval

почти 10 лет назад

ELSA-2015-2159: curl security, bug fix, and enhancement update (MODERATE)

4 Medium

CVSS2