Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:17 a.m.7 views

SUSE CVE-2019-3822

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header lib/vauth/ntlm.c:Curlauthcreatentlmtype3message, generates the request HTTP header contents based on previously received data. The check that exists ...

7.5CVSS9.8AI score0.12771EPSS
Exploits1References28
RedHat Linux
RedHat Linux
added 2019/11/05 10:28 p.m.3 views

curl: NTLMv2 type-3 header stack buffer overflow

A stack-based buffer overflow was found in the way curl handled NTLMv2 type-3 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash...

9.8CVSS7.8AI score0.12771EPSS
Exploits1References5
Veracode
Veracode
added 2019/03/12 5:15 a.m.24 views

Remote Code Execution (RCE)

libcurl.so is vulnerable to remote code execution RCE. An improper bounds check in the function that creates an outgoing NTLM type-3 header lib/vauth/ntlm.c:Curlauthcreatentlmtype3message results in a stack-based buffer overflow when a very large nt response data is extracted from a previous NTLM...

9.8CVSS9.9AI score0.12771EPSS
Exploits1References17Affected Software2
OSV
OSV
added 2019/02/06 8:0 a.m.9 views

CURL-CVE-2019-3822 NTLMv2 type-3 header stack buffer overflow

libcurl contains a stack based buffer overflow vulnerability. The function creating an outgoing NTLM type-3 header lib/vauth/ntlm.c:Curlauthcreatentlmtype3message, generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from...

9.8CVSS6.5AI score0.12771EPSS
Exploits1
Rows per page
Query Builder