Published: 06/02/2019 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 447

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

libcurl versions from 7.34.0 to prior to 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.

Vulnerable Product	Search on Vulmon	Subscribe to Product
haxx libcurl
canonical ubuntu linux 16.04
canonical ubuntu linux 14.04
canonical ubuntu linux 18.04
canonical ubuntu linux 18.10
debian debian linux 9.0
netapp clustered data ontap
oracle http server 12.2.1.3.0
oracle secure global desktop 5.4
oracle communications operations monitor 3.4
oracle communications operations monitor 4.0

Several security issues were fixed in curl ...

Synopsis Moderate: curl security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for curl is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base sco ...

Synopsis Moderate: OpenShift Container Platform 461 image security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat OpenShift Container Platform 46Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability S ...

libcurl is vulnerable to a heap buffer out-of-bounds read The function handling incoming NTLM type-2 messages (`lib/vauth/ntlmc:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length ...

Impact: Low Public Date: 2019-02-06 CWE: CWE-125 Bugzilla: 1670256: CVE-2019-3823 curl: SMTP end-of-res ...

libcurl versions from 7340 to before 7640 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer The read c ...

CWE-125 https://curl.haxx.se/docs/CVE-2019-3823.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823 https://www.debian.org/security/2019/dsa-4386 https://usn.ubuntu.com/3882-1/http://www.securityfocus.com/bid/106950 https://security.gentoo.org/glsa/201903-03 https://security.netapp.com/advisory/ntap-20190315-0001/https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://access.redhat.com/errata/RHSA-2019:3701 https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E https://nvd.nist.gov https://usn.ubuntu.com/3882-1/

CVE-2019-3823

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect