curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.
References
| Link | Resource |
|---|---|
| http://security.cucumberlinux.com/security/details.php?id=163 | Third Party Advisory |
| http://www.securityfocus.com/bid/102014 | Third Party Advisory VDB Entry |
| http://www.securitytracker.com/id/1039898 | Third Party Advisory VDB Entry |
| https://curl.haxx.se/docs/adv_2017-af0a.html | Patch Vendor Advisory |
| https://security.gentoo.org/glsa/201712-04 | Third Party Advisory |
| http://security.cucumberlinux.com/security/details.php?id=163 | Third Party Advisory |
| http://www.securityfocus.com/bid/102014 | Third Party Advisory VDB Entry |
| http://www.securitytracker.com/id/1039898 | Third Party Advisory VDB Entry |
| https://curl.haxx.se/docs/adv_2017-af0a.html | Patch Vendor Advisory |
| https://security.gentoo.org/glsa/201712-04 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:34
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://security.cucumberlinux.com/security/details.php?id=163 - Third Party Advisory | |
| References | () http://www.securityfocus.com/bid/102014 - Third Party Advisory, VDB Entry | |
| References | () http://www.securitytracker.com/id/1039898 - Third Party Advisory, VDB Entry | |
| References | () https://curl.haxx.se/docs/adv_2017-af0a.html - Patch, Vendor Advisory | |
| References | () https://security.gentoo.org/glsa/201712-04 - Third Party Advisory |
Information
Published : 2017-11-29 18:29
Updated : 2024-11-21 03:34
NVD link : CVE-2017-8818
Mitre link : CVE-2017-8818
CVE.ORG link : CVE-2017-8818
JSON object : View
Products Affected
haxx
- curl
- libcurl
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer