cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability

Bugtraq ID: 70988
Class: Design Error
CVE: CVE-2014-3707
Remote: Yes
Local: No
Published: Nov 05 2014 12:00AM
Updated: Oct 19 2017 03:03AM
Credit: Symeon Paraschoudis
Vulnerable: Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Oracle Linux 0
Oracle Enterprise Linux 7
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Oracle Communications WebRTC Session Controller 7.2
Oracle Communications WebRTC Session Controller 7.1
Oracle Communications WebRTC Session Controller 7.0
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
Juniper Junos 15.1X53-D20
Juniper Junos 15.1X49-D30
Juniper Junos 15.1X49-D20
Juniper Junos 15.1X49-D15
Juniper Junos 15.1X49-D10
Juniper Junos 15.1R1
Juniper Junos 14.2R4
Juniper Junos 14.2R3
Juniper Junos 14.2R2
Juniper Junos 14.2R1
Juniper Junos 14.1X53-D28
Juniper Junos 14.1X53-D26
Juniper Junos 14.1X53-D25
Juniper Junos 14.1X53-D20
Juniper Junos 14.1X53-D18
Juniper Junos 14.1X53-D16
Juniper Junos 14.1X53-D12
Juniper Junos 14.1X53-D10
Juniper Junos 14.1R5
Juniper Junos 14.1R4
Juniper Junos 14.1R3
Juniper Junos 14.1R2
Juniper Junos 14.1R1
Juniper Junos 13.3R1
Juniper Junos 13.2X51-D36
Juniper Junos 13.2X51-D30
Juniper Junos 13.2X51-D26
Juniper Junos 13.2X51-D25
Juniper Junos 13.2X51-D20
Juniper Junos 13.2X51-D15
Juniper Junos 13.2R8
Juniper Junos 13.2R7
Juniper Junos 13.2R6
Juniper Junos 13.2R5
Juniper Junos 13.2R4
Juniper Junos 13.2R3
Juniper Junos 13.2R2
Juniper Junos 13.2R1
Juniper Junos 12.3X48-D25
Juniper Junos 12.3X48-D20
Juniper Junos 12.3X48-D15
Juniper Junos 12.3X48-D10
Juniper Junos 12.3R9
Juniper Junos 12.3R8
Juniper Junos 12.3R7
Juniper Junos 12.3R6
Juniper Junos 12.3R5
Juniper Junos 12.3R10
Juniper Junos 12.1X47-D30
Juniper Junos 12.1X47-D25
Juniper Junos 12.1X47-D20
Juniper Junos 12.1X47-D15
Juniper Junos 12.1X47-D11
Juniper Junos 12.1X47-D10
Juniper Junos 12.1X46-D45
Juniper Junos 12.1X46-D40
Juniper Junos 12.1X46-D36
Juniper Junos 12.1X46-D35
Juniper Junos 12.1X46-D30
Juniper Junos 12.1X46-D26
Juniper Junos 12.1X46-D25
Juniper Junos 12.1X46-D20.5
Juniper Junos 12.1X46-D15
Juniper Junos 12.1X46-D10
IBM Security Network Protection 5.3
IBM Security Network Protection 5.2.0
IBM PowerKVM 2.1.1 build 57
IBM PowerKVM 3.1
IBM PowerKVM 2.1.1 SP2 (build 51)
IBM PowerKVM 2.1.1 Build 65.1
IBM PowerKVM 2.1.1 build 58
IBM PowerKVM 2.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Daniel Stenberg curl 7.36
Daniel Stenberg curl 7.34
Daniel Stenberg curl 7.33
Daniel Stenberg curl 7.32
Daniel Stenberg curl 7.31
Daniel Stenberg curl 7.20
Daniel Stenberg curl 7.19.6
Daniel Stenberg curl 7.19.5
Daniel Stenberg curl 7.19.4
Daniel Stenberg curl 7.19.3
Daniel Stenberg curl 7.19
Daniel Stenberg curl 7.18.1
Daniel Stenberg curl 7.18
Daniel Stenberg curl 7.17
Daniel Stenberg curl 7.2.1
Daniel Stenberg curl 7.2
Daniel Stenberg curl 7.38.0
Daniel Stenberg curl 7.35.0
Daniel Stenberg curl 7.29.0
Daniel Stenberg curl 7.28.1
Daniel Stenberg curl 7.28.0
Daniel Stenberg curl 7.27.0
Daniel Stenberg curl 7.26.0
Daniel Stenberg curl 7.24.0
Daniel Stenberg curl 7.23.1
Daniel Stenberg curl 7.21.7
Daniel Stenberg curl 7.21.4
Daniel Stenberg curl 7.20.2
Daniel Stenberg curl 7.20.1
Apple Mac Os X 10.10.4
Apple Mac Os X 10.10.3
Apple Mac OS X 10.10.2
Apple Mac OS X 10.10.1
Apple Mac OS X 10.10
Not Vulnerable: Juniper Junos 15.1X53-D35
Juniper Junos 15.1X49-D40
Juniper Junos 15.1R2
Juniper Junos 14.2R5
Juniper Junos 14.1X53-D30
Juniper Junos 14.1R6
Juniper Junos 13.3R8
Juniper Junos 13.2X51-D40
Juniper Junos 13.2X51-D39
Juniper Junos 13.2R9
IBM PowerKVM 2.1.1 SP3
IBM PowerKVM 2.1.1 Build 65.5
IBM PowerKVM 3.1 Build 2
Daniel Stenberg curl 7.39.0
Apple Mac Os X 10.10.5


 

Privacy Statement
Copyright 2010, SecurityFocus