3 matches found
CVE-2005-4077
CVE-2005-4077 affects libcurl (curl) versions 7.11.2–7.15.0, where multiple off-by-one errors can cause a buffer overflow. Exploitation is local and can trigger a denial of service or bypass PHP security restrictions via crafted URLs, either malformed to prevent a terminating null byte in hostnam...
CVE-2006-1061
CVE-2006-1061 is a heap-based buffer overflow in curl/libcurl (versions 7.15.0–7.15.2) triggered by very long TFTP URLs. A remote attacker could exploit this via a tftp:// URL with a valid hostname and long path to execute arbitrary commands. Public docs reference vendor advisories (Gentoo GLSA, ...
CVE-2000-0973
CVE-2000-0973 affects curl before 6.0-1.1 and curl-ssl before 6.0-1.2. A buffer overflow occurs when generating a long error message, allowing remote attackers to execute arbitrary commands. Root cause: unchecked length in error handling. Connected sources (OSV, CVE records) confirm the overflow ...