libcurl.so is vulnerable to denial of service (DoS) through an integer overflow. Curl_ntlm_core_mk_nt_hash in curl_ntlm_core.c performs malloc(len * 2) without a bounds check on len, so the multiplication can overflow the value of size_t, allowing DoS attacks.
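The wraparound described above and the bounds check that prevents it, as an added example (not curl's code). The function names are hypothetical, and the two-output-bytes-per-input-byte loop is an assumption used to give the len * 2 buffer a purpose.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* The unchecked size computation: size_t arithmetic wraps modulo
   SIZE_MAX + 1, so a very large len yields a very small result. */
static size_t unchecked_double(size_t len)
{
  return len * 2;
}

/* Checked form: 0 on success with len * 2 in *out, -1 if it would wrap. */
static int checked_double(size_t len, size_t *out)
{
  if(len > SIZE_MAX / 2)
    return -1;
  *out = len * 2;
  return 0;
}

/* Hypothetical routine (assumption: two output bytes per input byte).
   Rejects an oversized len before allocating or touching the input. */
static unsigned char *expand_bytes(const char *in, size_t len, size_t *outlen)
{
  size_t need, i;
  unsigned char *buf;

  if(checked_double(len, &need))
    return NULL;
  buf = malloc(need ? need : 1);
  if(!buf)
    return NULL;
  for(i = 0; i < len; i++) {
    buf[2 * i] = (unsigned char)in[i];
    buf[2 * i + 1] = 0;
  }
  *outlen = need;
  return buf;
}

int main(void)
{
  size_t huge = SIZE_MAX / 2 + 1; /* constructed worst-case length */
  size_t n = 0;
  unsigned char *p = expand_bytes("ab", 2, &n);

  printf("unchecked: %zu * 2 wraps to %zu\n", huge, unchecked_double(huge));
  printf("checked:   huge len rejected = %d\n", expand_bytes("ab", huge, &n) == NULL);
  printf("normal:    2 bytes in, %zu bytes out\n", p ? n : (size_t)0);
  free(p);
  return 0;
}
```

Without the check, the allocation request for the wrapped size can succeed while the copy loop still runs for the full len, which is what turns the arithmetic error into a crash.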