Description
Multiple serious vulnerabilities have been found in cURL. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service or conduct other unknown impact.
Below is a complete list of vulnerabilities
- Improper re-use of authenticated Negotiate and NTLM connections can be exploited remotely via a specially designed request;
- An improper index calculation can be exploited remotely via a specially designed cookie or host name.
Original advisories
Related products
CVE list
- CVE-2015-3148 warning
- CVE-2015-3145 high
- CVE-2015-3143 warning
- CVE-2015-3144 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!