Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks.
CVSS Information
N/A
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
Haxx curl 缓冲区错误漏洞
Vulnerability Description
Haxx curl是瑞典Haxx公司的一套利用URL语法在命令行下工作的文件传输工具,该工具支持文件上传和下载,并包含一个用于程序开发的libcurl(客户端URL传输库)。 Haxx curl 7.52.0之前版本中存在缓冲区溢出漏洞,该漏洞源于程序没有充分地对用户提交的数据执行边界检查,导致程序复制数据的大小超出了分配的内存缓冲区空间。攻击者可借助特制的数据利用该漏洞在受影响程序的上下文中执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A