Уязвимости Угрозы

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10618
Information disclosure vulnerability in cURL

Обновлено: 03/06/2020
Дата обнаружения
 22/06/2015
Уровень угрозы
 High
Описание

Multiple serious vulnerabilities have been found in cURL. Malicious users can exploit these vulnerabilities to obtain sensitive information.

Below is a complete list of vulnerabilities

  1. An unknown vulnerability related to SMB can be exploited remotely via specially designed length and offset values;
  2. Improper credentials handling can be exploited remotely via vectors related to curl_easy_reset connection.
Пораженные продукты

cURL and libcurl versions from 7.40.0 through 7.42.1
Решение

Update to the latest version
Get cURL
Первичный источник обнаружения
 cURL advisory
cURL advisory
Оказываемое влияние
?
OSI 
[?]
Связанные продукты
 cURL
CVE-IDS
CVE-2015-32365.0Critical
CVE-2015-32376.4High
Узнай статистику распространения уязвимостей в твоем регионе
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up