Computer Security
[EN] securityvulns.ru no-pyccku


libcurl uninitialized memory reference
Published:01.07.2013
Source:
SecurityVulns ID:13144
Type:library
Threat Level:
5/10
Description:Uninitialized memory access in curl_easy_unescape()
Affected:CURL : libcurl 7.24
CVE:CVE-2013-2174 (Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.)
Original documentdocumentMANDRIVA, [ MDVSA-2013:180 ] curl (01.07.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod