Computer Security
[EN] securityvulns.ru no-pyccku


CVECVE-2015-3237
StatusCandidate
DescriptionThe smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
Severity
Medium
CVSS score6,4
CVSS vector(AV:N/AC:L/Au:N/C:P/I:N/A:P)
PhaseAssigned (10.04.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3237
ReferencesCONFIRM : http://curl.haxx.se/docs/adv_20150617B.html
SecurityVulns:cURL security vulnerabilitiies
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod