Lucene search
RedHatRHSA-2005:875HistoryDec 20, 2005 - 12:00 a.m.
(RHSA-2005:875) curl security update
2005-12-2000:00:00
access.redhat.com
7
0.001 Low
EPSS
Percentile
22.9%
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict
servers, using any of the supported protocols.
Stefan Esser discovered an off-by-one bug in curl. It may be possible to
execute arbitrary code on a user’s machine if the user can be tricked into
executing curl with a carefully crafted URL. The Common Vulnerabilities and
Exposures project assigned the name CVE-2005-4077 to this issue.
All users of curl are advised to upgrade to these updated packages, which
contain a backported patch that resolves this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | x86_64 | curl | < 7.12.1-8.rhel4 | curl-7.12.1-8.rhel4.x86_64.rpm |
| RedHat | any | s390 | curl | < 7.12.1-8.rhel4 | curl-7.12.1-8.rhel4.s390.rpm |
| RedHat | any | ia64 | curl | < 7.12.1-8.rhel4 | curl-7.12.1-8.rhel4.ia64.rpm |
| RedHat | any | ppc | curl | < 7.12.1-8.rhel4 | curl-7.12.1-8.rhel4.ppc.rpm |
| RedHat | any | x86_64 | curl-devel | < 7.12.1-8.rhel4 | curl-devel-7.12.1-8.rhel4.x86_64.rpm |
| RedHat | any | src | curl | < 7.12.1-8.rhel4 | curl-7.12.1-8.rhel4.src.rpm |
| RedHat | any | s390 | curl-devel | < 7.12.1-8.rhel4 | curl-devel-7.12.1-8.rhel4.s390.rpm |
| RedHat | any | i386 | curl-devel | < 7.12.1-8.rhel4 | curl-devel-7.12.1-8.rhel4.i386.rpm |
| RedHat | any | ppc64 | curl | < 7.12.1-8.rhel4 | curl-7.12.1-8.rhel4.ppc64.rpm |
| RedHat | any | s390x | curl | < 7.12.1-8.rhel4 | curl-7.12.1-8.rhel4.s390x.rpm |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200603-25 (openoffice openoffice-bin)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200512-09 (cURL)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200603-25 (openoffice openoffice-bin)
2008-09-24 00:00:00
debian
debian
[SECURITY] [DSA 919-2] New curl packages fix potential security problem
2006-03-10 10:04:53
[SECURITY] [DSA 919-2] New curl packages fix potential security problem
2006-03-10 10:04:53
[SECURITY] [DSA 919-1] New curl packages fix potential security problem
2005-12-12 13:03:48
centos
centos
curl security update
2005-12-21 02:50:35
securityvulns
securityvulns
[ GLSA 200603-25 ] OpenOffice.org: Heap overflow in included libcurl
2006-03-28 00:00:00
Multiple Network-related Vulnerabilities in Electric Sheep
2005-12-26 00:00:00
f5
f5
SOL5868 - Buffer overflow vulnerability in cURL - CVE-2005-4077
2007-05-16 00:00:00
K5868 : Buffer overflow vulnerability in cURL - CVE-2005-4077
2013-03-27 00:00:00
nessus
nessus
Fedora Core 3 : curl-7.12.3-6.fc3 (2005-1136)
2005-12-15 00:00:00
GLSA-200603-25 : OpenOffice.org: Heap overflow in included libcurl
2006-03-28 00:00:00
GLSA-200512-09 : cURL: Off-by-one errors in URL handling
2005-12-20 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:10:48
cvelist
cvelist
CVE-2005-4077
2005-12-08 01:00:00
gentoo
gentoo
OpenOffice.org: Heap overflow in included libcurl
2006-03-27 00:00:00
cURL: Off-by-one errors in URL handling
2005-12-16 00:00:00
ubuntucve
ubuntucve
CVE-2005-4077
2005-12-08 00:00:00
ubuntu
ubuntu
curl library vulnerability
2005-12-13 00:00:00
cve
cve
CVE-2005-4077
2005-12-08 01:03:00
freebsd
freebsd
curl -- URL buffer overflow vulnerability
2005-12-07 00:00:00
nvd
nvd
CVE-2005-4077
2005-12-08 01:03:00
debiancve
debiancve
CVE-2005-4077
2005-12-08 01:03:00
osv
osv
curl - buffer overflow
2005-12-12 00:00:00