cURL/libcURL Remote Input Validation Vulnerability

cURL/libcURL is prone to an input validation vulnerability that lets attackers inject arbitrary data into libcURL-based applications.

This issue affects the following protocols:

IMAP, POP3, and SMTP.

Successful exploits may allow attackers to perform unauthorized actions, like tricking a POP3 client to delete a message or an SMTP server to send an unintended message. Other attacks are also possible.

cURL 7.20.0 through 7.23.1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus