CVE-2015-3237

The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*
cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*

Information

Published : 2015-06-22 12:59

Updated : 2018-10-16 18:29


NVD link : CVE-2015-3237

Mitre link : CVE-2015-3237


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

hp

  • system_management_homepage

haxx

  • curl
  • libcurl

oracle

  • glassfish_server
  • enterprise_manager_ops_center