cURL/libcURL 'curl_easy_unescape()' Heap Memory Corruption Vulnerability

cURL/libcURL is prone to a heap-memory-corruption vulnerability because it fails to properly perform bounds check on user-supplied data.

Attackers can exploit this issue to execute arbitrary code in the context of the affected application or cause denial-of-service conditions; other attacks may also be possible.

cURL versions 7.7 through 7.30.0 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus