ID |
CVE-2018-1000300
|
Summary |
curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*
-
cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*
-
cpe:2.3:a:haxx:curl:7.55.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.55.1:*:*:*:*:*:*:*
-
cpe:2.3:a:haxx:curl:7.56.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.56.0:*:*:*:*:*:*:*
-
cpe:2.3:a:haxx:curl:7.56.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.56.1:*:*:*:*:*:*:*
-
cpe:2.3:a:haxx:curl:7.57.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.57.0:*:*:*:*:*:*:*
-
cpe:2.3:a:haxx:curl:7.58.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.58.0:*:*:*:*:*:*:*
-
cpe:2.3:a:haxx:curl:7.59.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.59.0:*:*:*:*:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
|
CVSS |
Base: | 7.5 (as of 24-08-2020 - 17:37) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-787 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
bid | 104207 | confirm | | gentoo | GLSA-201806-05 | sectrack | 1040933 | ubuntu | USN-3648-1 |
|
Last major update |
24-08-2020 - 17:37 |
Published |
24-05-2018 - 13:29 |
Last modified |
24-08-2020 - 17:37 |