CVE-2018-16840

Published: 31/10/2018 Updated: 09/10/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 670
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

A heap use-after-free flaw was found in curl versions from 7.59.0 up to and including 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.

Vulnerable Product

haxx curl

canonical ubuntu linux 16.04

canonical ubuntu linux 18.10

canonical ubuntu linux 14.04

canonical ubuntu linux 18.04

Vendor Advisories

Several security issues were fixed in curl ...
Debian Bug report logs - #908327 curl: CVE-2018-14618: NTLM password overflow via integer overflow. Package: src:curl; Maintainer for src:curl is Alessandro Ghedini <ghedo@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 8 Sep 2018 12:33:04 UTC; Severity: serious; Tags: fixed-upstream, secu ...
A heap use-after-free flaw was found in curl related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct (CVE-2018-16840). Curl is v ...
libcurl is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length ...
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that ...