ID CVE-2018-14618
Summary curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large a temporary storage area to allocate from the heap. The length value is then used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32-bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to be allocated instead of the intended very large one, so that use of that buffer ends up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)
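The size computation the summary describes, as an added illustration (not curl's own code): a length held in a 32-bit type is doubled without a range check and wraps for inputs at or above 2^31, while a guard that rejects any length above half the type's maximum refuses the input before the undersized allocation can happen. The fixed-width type and function names are assumptions for the demonstration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Model the 32-bit size_t of the affected platforms with a fixed-width
 * type so the wraparound reproduces on any host. Illustration only,
 * not curl's own code. */
typedef uint32_t len32_t;
#define LEN32_MAX UINT32_MAX

/* Vulnerable pattern: the allocation size is the password length times
 * two, computed in the same narrow type. For len >= 2^31 the product
 * exceeds 2^32 and wraps to a small value. */
len32_t alloc_size_unchecked(len32_t password_len) {
    return password_len * 2;
}

/* Guarded pattern: refuse any length whose doubling is not
 * representable. On success the size is stored in *out (out may be
 * NULL when the caller only needs the verdict). */
bool alloc_size_checked(len32_t password_len, len32_t *out) {
    if (password_len > LEN32_MAX / 2)
        return false;
    if (out)
        *out = password_len * 2;
    return true;
}

/* Would a buffer sized by the unchecked computation hold the 2*len
 * bytes the conversion loop writes? The true requirement is computed
 * in 64 bits; false means the loop would write past the buffer. */
bool unchecked_buffer_holds_output(len32_t password_len) {
    uint64_t needed = (uint64_t)password_len * 2;
    return (uint64_t)alloc_size_unchecked(password_len) >= needed;
}

int main(void) {
    /* Constructed lengths: a normal password and one just over 2^31. */
    const len32_t normal = 12;
    const len32_t huge = 0x80000001u;
    len32_t size = 0;

    printf("len=%u unchecked_size=%u fits=%d\n", normal,
           alloc_size_unchecked(normal), unchecked_buffer_holds_output(normal));
    printf("len=%u unchecked_size=%u fits=%d\n", huge,
           alloc_size_unchecked(huge), unchecked_buffer_holds_output(huge));
    printf("checked accepts huge length: %d\n", alloc_size_checked(huge, &size));
    return 0;
}
```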
References
Vulnerable Configurations
  • cpe:2.3:a:haxx:libcurl:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.1:beta:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.39.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.42:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.56.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.56.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.57.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.58.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.59.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.60.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.61.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 22-04-2019 - 17:48)
Impact:
Exploitability:
CWE CWE-190
CAPEC
  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset, such as the size of a memory allocation or similar. The attacker would typically control the value of such a variable and try to push it out of range. For instance, if the integer in question is incremented past the maximum possible value, it may wrap to become a very small or negative number, providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: COMPLETE
  Integrity: COMPLETE
  Availability: COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
redhat via4
advisories
  • bugzilla
    id 1709474
    title baseurl with file:// hangs and then timeout in yum repo [rhel-7.6.z]
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment curl is earlier than 0:7.29.0-51.el7_6.3
            oval oval:com.redhat.rhsa:tst:20191880001
          • comment curl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110918012
        • AND
          • comment libcurl is earlier than 0:7.29.0-51.el7_6.3
            oval oval:com.redhat.rhsa:tst:20191880003
          • comment libcurl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110918014
        • AND
          • comment libcurl-devel is earlier than 0:7.29.0-51.el7_6.3
            oval oval:com.redhat.rhsa:tst:20191880005
          • comment libcurl-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110918016
    rhsa
    id RHSA-2019:1880
    released 2019-07-29
    severity Low
    title RHSA-2019:1880: curl security and bug fix update (Low)
  • rhsa
    id RHSA-2018:3558
rpms
  • httpd24-curl-0:7.61.1-1.el6
  • httpd24-curl-0:7.61.1-1.el7
  • httpd24-curl-debuginfo-0:7.61.1-1.el6
  • httpd24-curl-debuginfo-0:7.61.1-1.el7
  • httpd24-httpd-0:2.4.34-7.el6
  • httpd24-httpd-0:2.4.34-7.el7
  • httpd24-httpd-debuginfo-0:2.4.34-7.el6
  • httpd24-httpd-debuginfo-0:2.4.34-7.el7
  • httpd24-httpd-devel-0:2.4.34-7.el6
  • httpd24-httpd-devel-0:2.4.34-7.el7
  • httpd24-httpd-manual-0:2.4.34-7.el6
  • httpd24-httpd-manual-0:2.4.34-7.el7
  • httpd24-httpd-tools-0:2.4.34-7.el6
  • httpd24-httpd-tools-0:2.4.34-7.el7
  • httpd24-libcurl-0:7.61.1-1.el6
  • httpd24-libcurl-0:7.61.1-1.el7
  • httpd24-libcurl-devel-0:7.61.1-1.el6
  • httpd24-libcurl-devel-0:7.61.1-1.el7
  • httpd24-libnghttp2-0:1.7.1-7.el6
  • httpd24-libnghttp2-0:1.7.1-7.el7
  • httpd24-libnghttp2-devel-0:1.7.1-7.el6
  • httpd24-libnghttp2-devel-0:1.7.1-7.el7
  • httpd24-mod_ldap-0:2.4.34-7.el6
  • httpd24-mod_ldap-0:2.4.34-7.el7
  • httpd24-mod_md-0:2.4.34-7.el7
  • httpd24-mod_proxy_html-1:2.4.34-7.el6
  • httpd24-mod_proxy_html-1:2.4.34-7.el7
  • httpd24-mod_session-0:2.4.34-7.el6
  • httpd24-mod_session-0:2.4.34-7.el7
  • httpd24-mod_ssl-1:2.4.34-7.el6
  • httpd24-mod_ssl-1:2.4.34-7.el7
  • httpd24-nghttp2-0:1.7.1-7.el6
  • httpd24-nghttp2-0:1.7.1-7.el7
  • httpd24-nghttp2-debuginfo-0:1.7.1-7.el6
  • httpd24-nghttp2-debuginfo-0:1.7.1-7.el7
  • curl-0:7.29.0-51.el7_6.3
  • curl-debuginfo-0:7.29.0-51.el7_6.3
  • libcurl-0:7.29.0-51.el7_6.3
  • libcurl-devel-0:7.29.0-51.el7_6.3
refmap via4
confirm
debian DSA-4286
gentoo GLSA-201903-03
sectrack 1041605
ubuntu
  • USN-3765-1
  • USN-3765-2
Last major update 22-04-2019 - 17:48
Published 05-09-2018 - 19:29
Last modified 22-04-2019 - 17:48