Description

The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.

Remediation

References

CVE-2015-3237

Related Vulnerabilities

WordPress Plugin Sliding Recent Posts Cross-Site Request Forgery (1.0)

Joomla! Core 3.x.x Multiple Cross-Site Request Forgery Vulnerabilities (3.2.0 - 3.9.15)

MySQL CVE-2019-2780 Vulnerability (CVE-2019-2780)

WordPress Plugin Multiple Page Generator-MPG Cross-Site Request Forgery (3.3.9)

Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-0305)

Severity

Medium

Classification

CVE-2015-3237 CWE-20

Tags

Missing Update Known Vulnerabilities