Lucene search

K
ubuntuUbuntuUSN-1894-1
HistoryJul 02, 2013 - 12:00 a.m.

curl vulnerability

2013-07-0200:00:00
ubuntu.com
27

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.1 Medium

AI Score

Confidence

High

0.093 Low

EPSS

Percentile

94.7%

Releases

  • Ubuntu 13.04
  • Ubuntu 12.10
  • Ubuntu 12.04
  • Ubuntu 10.04

Packages

  • curl - HTTP, HTTPS, and FTP client and client libraries

Details

Timo Sirainen discovered that libcurl incorrectly handled memory when
parsing URL encoded strings. An attacker could possibly use this issue to
cause libcurl to crash, leading to a denial of service, or execute
arbitrary code.

Rows per page:
1-10 of 361

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.1 Medium

AI Score

Confidence

High

0.093 Low

EPSS

Percentile

94.7%