2 matches found
[ASA-201811-5] libcurl-compat: arbitrary code execution
Arch Linux Security Advisory ASA-201811-5 ========================================= Severity: High Date : 2018-11-06 CVE-ID : CVE-2018-16840 Package : libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-800 Summary ======= The package libcurl-comp...
CURL-CVE-2018-16840 use after free in handle close
libcurl contains a heap use after free flaw in code related to closing an easy handle. When closing and cleaning up an "easy" handle in the Curlclose function, the library code first frees a struct without clearing the pointer and might then subsequently erroneously write to a struct field within...