QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-1000257

Back to search

CVE-2017-1000257

Published: Oct 31, 2017

Modified: Apr 15, 2026

PUBLISHED

Description

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.

VendorProductVersions

n/a

n/a

affected
n/a

References

RHSA-2017:3263
vendor-advisory
x_refsource_REDHAT
GLSA-201712-04
vendor-advisory
x_refsource_GENTOO
1039644
vdb-entry
x_refsource_SECTRACK
RHSA-2018:3558
vendor-advisory
x_refsource_REDHAT
101519
vdb-entry
x_refsource_BID
DSA-4007
vendor-advisory
x_refsource_DEBIAN
RHSA-2018:2486
vendor-advisory
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now