CVE-2005-0490 — Incorrect Calculation of Buffer Size in Curl

CWE-131 — Incorrect Calculation of Buffer Size9 documents8 sources

Severity

8.8HIGHNVD

EPSS

2.6%

top 14.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Haxx Curl Haxx Libcurl

Timeline

PublishedMay 2

Latest updateMay 1

Description

Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶NVDhaxx/libcurl7.12.1

▶Debianhaxx/curl< 7.13.0-2+3

▶NVDhaxx/curl7.12.1

Patches

Patch: distro.conectiva.com.br ↗Patch: marc.info ↗Patch: distro.conectiva.com.br ↗

🔴Vulnerability Details

GHSA

GHSA-7mv6-r5f6-w598: Multiple stack-based buffer overflows in libcURL and cURL 7↗2022-05-01

▶

OSV

CVE-2005-0490: Multiple stack-based buffer overflows in libcURL and cURL 7↗2005-05-02

▶

CVEList

CVE-2005-0490: Multiple stack-based buffer overflows in libcURL and cURL 7↗2005-02-21

▶

📋Vendor Advisories

Ubuntu

cURL vulnerability↗2005-02-28

▶

Red Hat

security flaw↗2005-02-21

▶

Debian

CVE-2005-0490: curl - Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly o...↗2005

▶

💬Community

Bugzilla

CVE-2005-0490 security flaw↗2018-08-16

▶