Back to search
CVE-2010-0734
Published: Mar 19, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact by sending crafted compressed data to an application that relies on the intended data-length limit.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
APPLE-SA-2010-06-15-1
vendor-advisory
x_refsource_APPLE
ADV-2010-0571
vdb-entry
x_refsource_VUPEN
ADV-2010-0602
vdb-entry
x_refsource_VUPEN
20101027 rPSA-2010-0072-1 curl
mailing-list
x_refsource_BUGTRAQ
38843
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20100309 Re: CVE Request -- cURL/libCURL 7.20.0
mailing-list
x_refsource_MLIST
38981
third-party-advisory
x_refsource_SECUNIA
ADV-2010-1481
vdb-entry
x_refsource_VUPEN
USN-1158-1
vendor-advisory
x_refsource_UBUNTU
http://curl.haxx.se/docs/adv_20100209.html
x_refsource_CONFIRM
ADV-2010-0725
vdb-entry
x_refsource_VUPEN
DSA-2023
vendor-advisory
x_refsource_DEBIAN
RHSA-2010:0329
vendor-advisory
x_refsource_REDHAT
oval:org.mitre.oval:def:10760
vdb-entry
signature
x_refsource_OVAL
http://support.apple.com/kb/HT4188
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=563220
x_refsource_CONFIRM
MDVSA-2010:062
vendor-advisory
x_refsource_MANDRIVA
40220
third-party-advisory
x_refsource_SECUNIA
GLSA-201203-02
vendor-advisory
x_refsource_GENTOO
FEDORA-2010-2720
vendor-advisory
x_refsource_FEDORA
FEDORA-2010-2762
vendor-advisory
x_refsource_FEDORA
48256
third-party-advisory
x_refsource_SECUNIA
http://support.avaya.com/css/P8/documents/100081819
x_refsource_CONFIRM
[oss-security] 20100316 Re: CVE Request -- cURL/libCURL 7.20.0
mailing-list
x_refsource_MLIST
39087
third-party-advisory
x_refsource_SECUNIA
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
x_refsource_CONFIRM
45047
third-party-advisory
x_refsource_SECUNIA
http://wiki.rpath.com/Advisories:rPSA-2010-0072
x_refsource_CONFIRM
http://curl.haxx.se/libcurl-contentencoding.patch
x_refsource_CONFIRM
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:6756
vdb-entry
signature
x_refsource_OVAL
39734
third-party-advisory
x_refsource_SECUNIA
http://curl.haxx.se/docs/security.html#20100209
x_refsource_CONFIRM
ADV-2010-0660
vdb-entry
x_refsource_VUPEN
[oss-security] 20100209 CVE Request -- cURL/libCURL 7.20.0
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now