CVE-2014-3707
published 2014-11-15
CVE-2014-3707: The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data…
Priority: P424 medium, 4.3 CVSS 2.0
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS: 5.12% (91.3th percentile)
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.
Affected
63 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | os_x_yosemite_v10.10.5_and_security_update_2015-006 | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | curl | < curl 7.38.0-3 (bookworm) | curl 7.38.0-3 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| haxx | curl | >= 0 < 7.38.0-3 | 7.38.0-3 |
| haxx | curl | >= 0 < 7.38.0-3 | 7.38.0-3 |
| haxx | curl | >= 0 < 7.38.0-3 | 7.38.0-3 |
| haxx | curl | >= 0 < 7.38.0-3 | 7.38.0-3 |
| haxx | libcurl | — | — |
| haxx | libcurl | — | — |
| haxx | libcurl | — | — |
| haxx | libcurl | — | — |
| haxx | libcurl | — | — |
| haxx | libcurl | — | — |
| haxx | libcurl | — | — |
| haxx | libcurl | — | — |
CVSS provenance
nvd·v2.0·4.3 MEDIUM·AV:N/AC:M/Au:N/C:P/I:N/A:N
osv·4.3 MEDIUM
vendor_debian·4.3 MEDIUM
vendor_redhat·4.3 MEDIUM
GHSA
GHSA-x89w-3fj3-7gmx: The curl_easy_duphandle function in libcurl 7
ghsa_unreviewed·2022-05-14
CVE-2014-3707 [MEDIUM] CWE-200 GHSA-x89w-3fj3-7gmx: The curl_easy_duphandle function in libcurl 7
OSV
CVE-2014-3707: The curl_easy_duphandle function in libcurl 7
osv·2014-11-15·CVSS 4.3
CVE-2014-3707 [MEDIUM] CVE-2014-3707: The curl_easy_duphandle function in libcurl 7
CISA ICS
Hitachi Energy MSM Product
cisa_ics·2022-08-30·CVSS 4.3
[MEDIUM] Hitachi Energy MSM Product
ICS Advisory
Hitachi Energy MSM Product
Last Revised: August 30, 2022
Alert Code: ICSA-22-242-03
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: MSM Product
- Vulnerability: Reliance on Uncontrolled Component
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could disrupt the functionality of the MSM web interface, steal sensitive user credentials, or cause a denial-of-service condition.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Hitachi Energy reports multiple open-source softwar
Ubuntu
curl vulnerability
vendor_ubuntu·2014-11-10
CVE-2014-3707 curl vulnerability
Title: curl vulnerability
Summary: curl could expose sensitive information over the network.
Symeon Paraschoudis discovered that curl incorrectly handled memory when
being used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This may
result in sensitive data being incorrectly sent to the remote server.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
curl: incorrect handle duplication after COPYPOSTFIELDS
vendor_redhat·2014-11-05·CVSS 4.3
CVE-2014-3707 [MEDIUM] CWE-125 curl: incorrect handle duplication after COPYPOSTFIELDS
A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory.
Statement: This issue does not affect the versions of curl as shipped with Red Hat Enterprise Linux 5.
Note that there are no applications provided with Red Hat Enterprise Linux that use
Debian
CVE-2014-3707: curl - The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running ...
vendor_debian·2014·CVSS 4.3
CVE-2014-3707 [MEDIUM] CVE-2014-3707: curl - The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running ...
Scope: local
bookworm: resolved (fixed in 7.38.0-3)
bullseye: resolved (fixed in 7.38.0-3)
forky: resolved (fixed in 7.38.0-3)
sid: resolved (fixed in 7.38.0-3)
trixie: resolved (fixed in 7.38.0-3)
Apple
CVE-2014-3707: OS X Yosemite v10.10.5 and Security Update 2015-006
vendor_apple·CVSS 4.3
CVE-2014-3707 [MEDIUM] CVE-2014-3707: OS X Yosemite v10.10.5 and Security Update 2015-006
Apple Security Update: About the security content of OS X Yosemite v10.10.5 and Security Update 2015-006
Product: OS X Yosemite v10.10.5 and Security Update 2015-006
CVE: CVE-2014-3707
Component: CVE-2014-3707
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2014-3707 mingw-curl: curl: incorrect handle duplication after COPYPOSTFIELDS [epel-7]
bugzilla·2014-11-05·CVSS 4.3
CVE-2014-3707 [MEDIUM] CVE-2014-3707 mingw-curl: curl: incorrect handle duplication after COPYPOSTFIELDS [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
epel-7 tracking bug for mingw-curl: se
Bugzilla
CVE-2014-3707 mingw-curl: curl: incorrect handle duplication after COPYPOSTFIELDS [fedora-all]
bugzilla·2014-11-05·CVSS 4.3
CVE-2014-3707 [MEDIUM] CVE-2014-3707 mingw-curl: curl: incorrect handle duplication after COPYPOSTFIELDS [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple suppo
Bugzilla
CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS
bugzilla·2014-10-21·CVSS 4.3
CVE-2014-3707 [MEDIUM] CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS
Daniel Stenberg reported the following vulnerability in cURL:
""
libcurl's function curl_easy_duphandle() has a bug that can lead to libcurl
eventually sending off sensitive data that was not intended for sending.
When doing an HTTP POST transfer with libcurl, you can use the
`CURLOPT_COPYPOSTFIELDS` option to specify a memory area holding the data to
send to the remote server. The memory area's size is set with a separate
option, for example `CURLOPT_POSTFIELDSIZE`.
As the name implies, the data in the specified buffer is copied to a privately
held memory buffer that libcurl allocates on the heap. The memory area is
associated with the common CURL handle, often referred to as an "easy handle".
This handle can be du
arXiv
Debloating Software through Piece-Wise Compilation and Loading
arxiv_fulltext·2018-07-23
Anh Quach
Binghamton University
Aravind Prakash
Binghamton University
Lok Yan
Air Force Research Laboratory
### Abstract
Programs are bloated. Our study shows that only 5% of libc is used on average across the Ubuntu Desktop environment (2016 programs); the heaviest user, vlc media player, only needed 18%.
In this paper: (1) We present a debloating framework built on a compiler toolchain that can successfully debloat programs (shared/static libraries and executables). Our solution can successfully compile and load most libraries on Ubuntu Desktop 16.04. (2) We demonstrate the elimination of over 79% of code from coreutils and 86% of code
http://curl.haxx.se/docs/adv_20141105.html
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html
http://rhn.redhat.com/errata/RHSA-2015-1254.html
http://www.debian.org/security/2014/dsa-3069
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/70988
http://www.ubuntu.com/usn/USN-2399-1
https://support.apple.com/kb/HT205031
2014-11-15
Published