Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2005-4077

Published: 08/12/2005 Updated: 19/10/2018
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Daniel Stenberg

Vulnerability Summary

Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 up to and including 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?" separator in the hostname portion, which causes a "/" to be prepended to the resulting string.

Vulnerable Product Search on Vulmon Subscribe to Product

daniel stenberg curl 7.13

daniel stenberg curl 7.13.1

daniel stenberg curl 7.11.2

daniel stenberg curl 7.13.2

daniel stenberg curl 7.14

daniel stenberg curl 7.12.2

daniel stenberg curl 7.12.3

daniel stenberg curl 7.12

daniel stenberg curl 7.12.1

daniel stenberg curl 7.14.1

daniel stenberg curl 7.15

Vendor Advisories

Red Hat: curl security update
Synopsis curl security update Type/Severity Security Advisory: Moderate Topic Updated curl packages that fix a security issue are now available for RedHat Enterprise Linux 4This update has been rated as having moderate security impact by the RedHat Security Response Team Description cURL ...
Debian CVElist Bug Report Logs: Off-by-One heap overflow in curl's URL parsing code
Debian Bug report logs - #342339 Off-by-One heap overflow in curl's URL parsing code Package: curl; Maintainer for curl is Alessandro Ghedini <ghedo@debianorg>; Source for curl is src:curl (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Wed, 7 Dec 2005 09:48:02 UTC Severity: important ...
Ubuntu Security Notice: curl vulnerability
Stefan Esser discovered several buffer overflows in the handling of URLs By attempting to load an URL with a specially crafted invalid hostname, a local attacker could exploit this to execute arbitrary code with the privileges of the application that uses the cURL library ...

References

CWE-189http://www.hardened-php.net/advisory_242005.109.htmlhttp://curl.haxx.se/docs/adv_20051207.htmlhttp://www.securityfocus.com/bid/15756http://secunia.com/advisories/17907http://secunia.com/advisories/17977http://www.gentoo.org/security/en/glsa/glsa-200512-09.xmlhttp://www.redhat.com/support/errata/RHSA-2005-875.htmlhttp://secunia.com/advisories/18105http://secunia.com/advisories/18188http://www.trustix.org/errata/2005/0072/http://secunia.com/advisories/18336http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00020.htmlhttp://www.debian.org/security/2005/dsa-919http://secunia.com/advisories/17960http://secunia.com/advisories/17961http://secunia.com/advisories/17965http://qa.openoffice.org/issues/show_bug.cgi?id=59032http://secunia.com/advisories/19261http://www.gentoo.org/security/en/glsa/glsa-200603-25.xmlhttp://secunia.com/advisories/19433ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.16/SCOSA-2006.16.txthttp://secunia.com/advisories/19457http://lists.apple.com/archives/security-announce/2006/May/msg00003.htmlhttp://www.us-cert.gov/cas/techalerts/TA06-132A.htmlhttp://secunia.com/advisories/20077http://www.securityfocus.com/bid/17951http://www.mandriva.com/security/advisories?name=MDKSA-2005:224http://docs.info.apple.com/article.html?artnum=307562http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlhttp://www.vupen.com/english/advisories/2006/1779http://www.vupen.com/english/advisories/2006/0960http://www.vupen.com/english/advisories/2005/2791http://www.vupen.com/english/advisories/2008/0924/referenceshttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10855https://usn.ubuntu.com/228-1/http://www.securityfocus.com/archive/1/418849/100/0/threadedhttps://access.redhat.com/errata/RHSA-2005:875https://usn.ubuntu.com/228-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook