ID CVE-2014-0139
Summary cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
References
Vulnerable Configurations
  • cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.13.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.13.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.13.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.13.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.15.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.16.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.16.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.16.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.16.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.18.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.18.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.19.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.19.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.19.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.19.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.19.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.19.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.19.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.19.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.19.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.19.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.19.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.19.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.19.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.20.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.20.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.20.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*
CVSS
Base: 5.8 (as of 16-12-2017 - 02:29)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:N
refmap via4
confirm
debian DSA-2902
mandriva MDVSA-2015:213
secunia
  • 57836
  • 57966
  • 57968
  • 58615
  • 59458
suse openSUSE-SU-2014:0530
ubuntu USN-2167-1
Last major update 16-12-2017 - 02:29
Published 15-04-2014 - 14:55
Last modified 16-12-2017 - 02:29
Back to Top