Versions of cURL and libcurl prior to 7.49.1 are affected by a flaw that is triggered when loading certain dynamic-link libraries including ‘security.dll’, ‘secur32.dll’, and ‘ws2_32.dll’. The program uses an insecure path to look for specific files or libraries that includes the current working directory, which may not be trusted or under user control. By placing a specially crafted library in the path and tricking a user into opening a FILETYPE file located on a remote WebDAV share, a context-dependent attacker can inject and execute arbitrary code with the privilege of the user running the program.
Binary data 9763.prm