A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl. An integer overflow in curl#039;s URL API results in a buffer overflow in libcurl