Lucene search
UbuntuUSN-1894-1HistoryJul 02, 2013 - 12:00 a.m.
curl vulnerability
2013-07-0200:00:00
ubuntu.com
28
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.1
Confidence
High
EPSS
0.093
Percentile
94.7%
Releases
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- curl - HTTP, HTTPS, and FTP client and client libraries
Details
Timo Sirainen discovered that libcurl incorrectly handled memory when
parsing URL encoded strings. An attacker could possibly use this issue to
cause libcurl to crash, leading to a denial of service, or execute
arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 13.04 | noarch | libcurl3-nss | < 7.29.0-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 13.04 | noarch | curl | < 7.29.0-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 13.04 | noarch | curl-udeb | < 7.29.0-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 13.04 | noarch | libcurl3 | < 7.29.0-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 13.04 | noarch | libcurl3-dbg | < 7.29.0-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 13.04 | noarch | libcurl3-gnutls | < 7.29.0-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 13.04 | noarch | libcurl3-udeb | < 7.29.0-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 13.04 | noarch | libcurl4-gnutls-dev | < 7.29.0-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 13.04 | noarch | libcurl4-nss-dev | < 7.29.0-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 13.04 | noarch | libcurl4-openssl-dev | < 7.29.0-1ubuntu3.1 | UNKNOWN |
References
Related
nessus
nessus
Fedora 17 : curl-7.24.0-10.fc17 (2013-11568)
2013-07-23 00:00:00
SuSE 10 Security Update : curl (ZYPP Patch Number 8614)
2013-07-11 00:00:00
SuSE 11.3 Security Update : curl (SAT Patch Number 7932)
2013-07-18 00:00:00
openvas
openvas
Ubuntu Update for curl USN-1894-1
2013-07-05 00:00:00
CentOS Update for curl CESA-2013:0983 centos6
2013-06-27 00:00:00
CentOS Update for curl CESA-2013:0983 centos5
2013-06-27 00:00:00
seebug
seebug
cURL/libcURL 'curl_easy_unescape()'堆内存破坏漏洞
2013-06-26 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package curl version 7.24.0-alt1.M60P.1
2013-06-24 00:00:00
oraclelinux
oraclelinux
curl security update
2013-06-25 00:00:00
nvd
nvd
CVE-2013-2174
2013-07-31 13:20:25
securityvulns
securityvulns
libcurl uninitialized memory reference
2013-07-01 00:00:00
[ MDVSA-2013:180 ] curl
2013-07-01 00:00:00
prion
prion
Heap overflow
2013-07-31 13:20:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:55:13
Denial Of Service (DoS)
2018-07-25 05:49:29
cvelist
cvelist
CVE-2013-2174
2013-07-31 10:00:00
cve
cve
CVE-2013-2174
2013-07-31 13:20:25
fedora
fedora
[SECURITY] Fedora 19 Update: curl-7.29.0-7.fc19
2013-06-29 18:44:03
[SECURITY] Fedora 19 Update: curl-7.29.0-13.fc19
2014-02-15 20:02:19
[SECURITY] Fedora 17 Update: curl-7.24.0-10.fc17
2013-07-23 01:11:16
mageia
mageia
Updated curl packages fix CVE-2013-2174
2013-06-26 22:44:41
debian
debian
[SECURITY] [DSA 2713-1] curl security update
2013-06-24 21:18:14
[SECURITY] [DSA 2713-1] curl security update
2013-06-24 21:18:14
centos
centos
curl, libcurl security update
2013-06-26 02:20:36
redhat
redhat
(RHSA-2013:0983) Moderate: curl security update
2013-06-25 00:00:00
(RHSA-2013:1076) Important: rhev-hypervisor6 security and bug fix update
2013-07-16 00:00:00
freebsd
freebsd
cURL library -- heap corruption in curl_easy_unescape
2013-06-22 00:00:00
slackware
slackware
[slackware-security] curl
2013-06-23 22:07:06
ubuntucve
ubuntucve
CVE-2013-2174
2013-06-24 00:00:00
debiancve
debiancve
CVE-2013-2174
2013-07-31 13:20:25
ibm
ibm
Security Bulletin: Vulnerabilities in cURL affect System x Integrated Management Module (IMM) (CVE-2013-2174, CVE-2014-0015, CVE-2014-138, CVE-2014-0139)
2019-01-31 01:35:01
gentoo
gentoo
cURL: Multiple vulnerabilities
2014-01-20 00:00:00
ics
ics
Hitachi Energy MSM Product
2022-08-30 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.1
Confidence
High
EPSS
0.093
Percentile
94.7%
Related for USN-1894-1