CVE-2016-9953
published 2018-03-12CVE-2016-9953: The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows…
PriorityP339critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
1.83%
76.0th percentile
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | curl | — | — |
| haxx | curl | >= 0 < 7.52.1-r0 | 7.52.1-r0 |
| haxx | curl | >= 0 < 7.52.1-r0 | 7.52.1-r0 |
| haxx | curl | 7.30.0 – 7.51.0 | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-72rm-6rfp-xgr9: The verify_certificate function in lib/vtls/schannel
ghsa_unreviewed·2022-05-14
CVE-2016-9953 [CRITICAL] CWE-125 GHSA-72rm-6rfp-xgr9: The verify_certificate function in lib/vtls/schannel
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.
OSV
CVE-2016-9953: The verify_certificate function in lib/vtls/schannel
osv·2018-03-12·CVSS 9.8
CVE-2016-9953 [CRITICAL] CVE-2016-9953: The verify_certificate function in lib/vtls/schannel
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.
Debian
CVE-2016-9953: curl - The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through...
vendor_debian·2016·CVSS 9.8
CVE-2016-9953 [CRITICAL] CVE-2016-9953: curl - The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through...
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
No public exploits indexed.
2018-03-12
Published