cURL/libcURL Remote Input Validation Vulnerability
cURL/libcURL is prone to an input validation vulnerability that lets attackers inject arbitrary data into libcURL-based applications.
This issue affects the following protocols:
IMAP, POP3, and SMTP.
Successful exploits may allow attackers to perform unauthorized actions, like tricking a POP3 client to delete a message or an SMTP server to send an unintended message. Other attacks are also possible.
cURL 7.20.0 through 7.23.1 are vulnerable.