Computer Security
[EN] securityvulns.ru no-pyccku


cURL / libcurl information leak
Published:22.04.2013
Source:
SecurityVulns ID:13028
Type:library
Threat Level:
5/10
Description:Crossdomain cooke access
Affected:CURL : cURL 7.27
CVE:CVE-2013-1944 (The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.)
Original documentdocumentUBUNTU, [USN-1801-1] curl vulnerability (22.04.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod