- EPSS 2.48%
- Veröffentlicht 29.04.2013 22:55:08
- Zuletzt bearbeitet 11.04.2025 00:51:21
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
CVE-2013-0249
- EPSS 44.2%
- Veröffentlicht 08.03.2013 22:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash...
CVE-2011-3389
- EPSS 3.93%
- Veröffentlicht 06.09.2011 19:55:03
- Zuletzt bearbeitet 11.04.2025 00:51:21
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man...
CVE-2005-0490
- EPSS 2.58%
- Veröffentlicht 02.05.2005 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not ...