- Home
- CVEs with nessus.description==Daniel Stenberg discovered that curl incorrectly handled large
floating point output. A remote attacker could use this issue to cause
curl to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu
16.04 LTS. (CVE-2016-9586)
Even Rouault discovered that curl incorrectly handled large file names
when doing TFTP transfers. A remote attacker could use this issue to
cause curl to crash, resulting in a denial of service, or possibly
obtain sensitive memory contents. (CVE-2017-1000100)
Brian Carpenter and Yongji Ouyang discovered that curl incorrectly
handled numerical range globbing. A remote attacker could use this
issue to cause curl to crash, resulting in a denial of service, or
possibly obtain sensitive memory contents. (CVE-2017-1000101)
Max Dymond discovered that curl incorrectly handled FTP PWD responses.
A remote attacker could use this issue to cause curl to crash,
resulting in a denial of service. (CVE-2017-1000254)
Brian Carpenter discovered that curl incorrectly handled the
--write-out command line option. A local attacker could possibly use
this issue to obtain sensitive memory contents. (CVE-2017-7407).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top