Computer Security
[EN] no-pyccku

libcurl information leakage
SecurityVulns ID:13962
Threat Level:
Description:Cookie can be leaked to wrong site.
Affected:CURL : libcurl 7.38
CVE:CVE-2014-3620 (cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.)
 CVE-2014-3613 (cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at setting cookies for a site at
Original documentdocumentDEBIAN, [SECURITY] [DSA 3022-1] curl security update (15.09.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod