Lucene search
Ubuntu.comUB:CVE-2014-3707HistoryNov 05, 2014 - 12:00 a.m.
CVE-2014-3707
2014-11-0500:00:00
ubuntu.com
ubuntu.com
9
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
69.4%
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when
running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP
POST data for an easy handle, which triggers an out-of-bounds read that
allows remote web servers to read sensitive memory information.
Related
nessus
nessus
Oracle Solaris Third-Party Patch Update : libcurl (cve_2014_3707_information_disclosure)
2015-01-19 00:00:00
Fedora 21 : curl-7.37.0-11.fc21 (2014-16605)
2014-12-15 00:00:00
Debian DLA-84-1 : curl security update
2015-03-26 00:00:00
securityvulns
securityvulns
libcurl information leakage
2014-11-24 00:00:00
[ MDVSA-2014:213 ] curl
2014-11-24 00:00:00
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
2015-08-17 00:00:00
debian
debian
[SECURITY] [DLA 84-1] curl security update
2014-11-09 16:18:30
[SECURITY] [DSA 3069-1] curl security update
2014-11-07 15:40:07
[SECURITY] [DSA 3069-1] curl security update
2014-11-07 15:40:07
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0444)
2022-01-28 00:00:00
Debian Security Advisory DSA 3069-1 (curl - security update)
2014-11-07 00:00:00
Debian: Security Advisory (DSA-3069-1)
2014-11-06 00:00:00
archlinux
archlinux
curl: out-of-bounds read
2014-11-11 00:00:00
veracode
veracode
Information Disclosure
2018-08-13 03:43:07
CRLF Injection
2019-05-02 05:40:50
debiancve
debiancve
CVE-2014-3707
2014-11-15 20:59:00
ubuntu
ubuntu
curl vulnerability
2014-11-10 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: curl-7.37.0-11.fc21
2014-12-15 04:27:56
[SECURITY] Fedora 21 Update: curl-7.37.0-9.fc21
2014-11-10 06:43:36
[SECURITY] Fedora 21 Update: mingw-curl-7.39.0-1.fc21
2015-01-02 05:06:16
prion
prion
Out-of-bounds
2014-11-15 20:59:00
osv
osv
curl - security update
2014-11-09 00:00:00
curl - security update
2014-11-07 00:00:00
hackerone
hackerone
Internet Bug Bounty: libcurl duphandle read out of bounds
2015-09-16 00:00:00
cve
cve
CVE-2014-3707
2014-11-15 20:59:00
mageia
mageia
Updated curl packages fix CVE-2014-3707
2014-11-14 03:57:44
amazon
amazon
Medium: curl
2015-02-11 19:36:00
f5
f5
ibm
ibm
Security Bulletin: Vulnerabilities in curl affect IBM Security Network Protection
2018-06-16 21:30:39
Security Bulletin: Multiple vulnerabilities in curl affect PowerKVM
2018-06-18 01:30:31
redhat
redhat
(RHSA-2015:2159) Moderate: curl security, bug fix, and enhancement update
2015-11-19 14:41:12
(RHSA-2015:1254) Moderate: curl security, bug fix, and enhancement update
2015-07-22 05:29:46
oraclelinux
oraclelinux
curl security, bug fix, and enhancement update
2015-11-23 00:00:00
curl security, bug fix, and enhancement update
2015-07-28 00:00:00
centos
centos
curl, libcurl security update
2015-11-30 19:26:37
curl, libcurl security update
2015-07-26 14:12:23
ics
ics
Hitachi Energy MSM Product
2022-08-30 12:00:00
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2015
2015-10-20 00:00:00
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
69.4%
Related for UB:CVE-2014-3707