Описание
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 7.38.0-3ubuntu3 |
| esm-infra-legacy/trusty | released | 7.35.0-1ubuntu2.5 |
| lucid | not-affected | 7.19.7-1ubuntu1.11 |
| precise | not-affected | 7.22.0-3ubuntu4.12 |
| trusty | released | 7.35.0-1ubuntu2.5 |
| trusty/esm | released | 7.35.0-1ubuntu2.5 |
| upstream | released | 7.42.0 |
| utopic | released | 7.37.1-1ubuntu3.4 |
| vivid | released | 7.38.0-3ubuntu2.2 |
| vivid/stable-phone-overlay | released | 7.38.0-3ubuntu2.2 |
Показывать по
7.5 High
CVSS2
Связанные уязвимости
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7 ...
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
7.5 High
CVSS2