cURL CVE-2018-16839 Heap Buffer Overflow Vulnerability
BID:106371
Info
cURL CVE-2018-16839 Heap Buffer Overflow Vulnerability
| Bugtraq ID: | 106371 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2018-16839 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 31 2018 12:00AM |
| Updated: | Oct 31 2018 12:00AM |
| Credit: | Harry Sintonen |
| Vulnerable: |
Haxx Curl 7.61.1 Haxx Curl 7.61 Haxx Curl 7.60 Haxx Curl 7.59 Haxx Curl 7.58 Haxx Curl 7.56.1 Haxx Curl 7.56 Haxx Curl 7.55.1 Haxx Curl 7.55 Haxx Curl 7.54.1 Haxx Curl 7.54 Haxx Curl 7.53.1 Haxx Curl 7.53 Haxx Curl 7.52 Haxx Curl 7.51 Haxx Curl 7.50.3 Haxx Curl 7.50 Haxx Curl 7.47 Haxx Curl 7.46 Haxx Curl 7.45 Haxx Curl 7.43 Haxx Curl 7.42.1 Haxx Curl 7.36 Haxx Curl 7.34 Haxx Curl 7.33 Haxx Curl 7.57.0 Haxx Curl 7.52.1 Haxx Curl 7.50.1 Haxx Curl 7.49.0 Haxx Curl 7.48.0 Haxx Curl 7.42.0 Haxx Curl 7.41.0 Haxx Curl 7.40.0 Haxx Curl 7.39.0 Haxx Curl 7.38.0 Haxx Curl 7.37.1 Haxx Curl 7.35.0 |
| Not Vulnerable: |
Haxx Curl 7.62 |
Solution / Fix
cURL CVE-2018-16839 Heap Buffer Overflow Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
cURL CVE-2018-16839 Heap Buffer Overflow Vulnerability
References:
References:
- Curl Github Repository (Github)
- Curl Home Page (Daniel Stenberg)
- Curl Product Page (Haxx)
- Curl_auth_create_plain_message: fix too-large-input-check (Github)
- [SECURITY] [DLA 1568-1] curl security update (Debian)
- CVE-2018-16839 curl: Integer overflow leading to heap-based buffer overflow in C (Redhat)
- Debian Security Advisory (Debian)
- Red Hat Bugzilla �?? Bug 1642201 (Red Hat Bugzilla)