Lucene search
PRIOn knowledge basePRION:CVE-2013-2174HistoryJul 31, 2013 - 1:20 p.m.
Heap overflow
2013-07-3113:20:00
PRIOn knowledge base
www.prio-n.com
4
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a “%” (percent) character.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 13.04 | |
| ubuntu_linux | eq | 12.10 | |
| ubuntu_linux | eq | 12.4 lts | |
| ubuntu_linux | eq | 10.4 lts | |
| curl | eq | 7.7 | |
| curl | eq | 7.21.3 | |
| curl | eq | 7.10 | |
| curl | eq | 7.15.1 | |
| curl | eq | 7.24.0 | |
| curl | eq | 7.16.1 |
References
curl.haxx.se/docs/adv_20130622.html
lists.opensuse.org/opensuse-updates/2013-07/msg00013.html
rhn.redhat.com/errata/RHSA-2013-0983.html
www.debian.org/security/2013/dsa-2713
www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
www.securityfocus.com/bid/60737
www.ubuntu.com/usn/USN-1894-1
github.com/bagder/curl/commit/192c4f788d48f82c03e9cef40013f34370e90737
Related
nessus
nessus
FreeBSD : cURL library -- heap corruption in curl_easy_unescape (01cf67b3-dc3b-11e2-a6cd-c48508086173)
2013-06-24 00:00:00
cURL/libcURL 'Curl_sasl_create_digest_md5_message()' Stack Buffer Overflow
2013-07-01 00:00:00
Debian DSA-2713-1 : curl - heap overflow
2013-06-25 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:55:13
Denial Of Service (DoS)
2018-07-25 05:49:29
securityvulns
securityvulns
libcurl uninitialized memory reference
2013-07-01 00:00:00
[ MDVSA-2013:180 ] curl
2013-07-01 00:00:00
nvd
nvd
CVE-2013-2174
2013-07-31 13:20:25
openvas
openvas
Oracle: Security Advisory (ELSA-2013-0983)
2015-10-06 00:00:00
Debian Security Advisory DSA 2713-1 (curl - heap overflow)
2013-06-24 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:1166-1)
2021-06-09 00:00:00
oraclelinux
oraclelinux
curl security update
2013-06-25 00:00:00
cvelist
cvelist
CVE-2013-2174
2013-07-31 10:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package curl version 7.24.0-alt1.M60P.1
2013-06-24 00:00:00
ubuntu
ubuntu
curl vulnerability
2013-07-02 00:00:00
seebug
seebug
cURL/libcURL 'curl_easy_unescape()'堆内存破坏漏洞
2013-06-26 00:00:00
cve
cve
CVE-2013-2174
2013-07-31 13:20:25
centos
centos
curl, libcurl security update
2013-06-26 02:20:36
debian
debian
[SECURITY] [DSA 2713-1] curl security update
2013-06-24 21:18:14
[SECURITY] [DSA 2713-1] curl security update
2013-06-24 21:18:14
fedora
fedora
[SECURITY] Fedora 19 Update: curl-7.29.0-7.fc19
2013-06-29 18:44:03
[SECURITY] Fedora 19 Update: haproxy-1.4.24-1.fc19
2013-06-29 18:15:34
[SECURITY] Fedora 19 Update: curl-7.29.0-13.fc19
2014-02-15 20:02:19
mageia
mageia
Updated curl packages fix CVE-2013-2174
2013-06-26 22:44:41
redhat
redhat
(RHSA-2013:0983) Moderate: curl security update
2013-06-25 00:00:00
(RHSA-2013:1076) Important: rhev-hypervisor6 security and bug fix update
2013-07-16 00:00:00
freebsd
freebsd
cURL library -- heap corruption in curl_easy_unescape
2013-06-22 00:00:00
slackware
slackware
[slackware-security] curl
2013-06-23 22:07:06
ubuntucve
ubuntucve
CVE-2013-2174
2013-06-24 00:00:00
debiancve
debiancve
CVE-2013-2174
2013-07-31 13:20:25
ibm
ibm
Security Bulletin: Vulnerabilities in cURL affect System x Integrated Management Module (IMM) (CVE-2013-2174, CVE-2014-0015, CVE-2014-138, CVE-2014-0139)
2019-01-31 01:35:01
gentoo
gentoo
cURL: Multiple vulnerabilities
2014-01-20 00:00:00
ics
ics
Hitachi Energy MSM Product
2022-08-30 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00