DSA-4386-1 curl -- curlID: oval:org.secpod.oval:def:53509 | Date: (C)2019-04-30 (M)2023-12-20 |
Class: PATCH | Family: unix |
Multiple vulnerabilities were discovered in cURL, an URL transfer library. CVE-2018-16890 Wenxiang Qian of Tencent Blade Team discovered that the function handling incoming NTLM type-2 messages does not validate incoming data correctly and is subject to an integer overflow vulnerability, which could lead to an out-of-bounds buffer read. CVE-2019-3822 Wenxiang Qian of Tencent Blade Team discovered that the function creating an outgoing NTLM type-3 header is subject to an integer overflow vulnerability, which could lead to an out-of-bounds write. CVE-2019-3823 Brian Carpenter of Geeknik Labs discovered that the code handling the end-of-response for SMTP is subject to an out-of-bounds heap read.