Description

The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.

Remediation

References

CVE-2015-3237

Related Vulnerabilities

MySQL CVE-2021-2304 Vulnerability (CVE-2021-2304)

Oracle Application Server CVE-2007-5526 Vulnerability (CVE-2007-5526)

MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-34750)

WordPress Plugin Social Sharing-Sassy Social Share PHP Object Injection (3.3.23)

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-7838)

Severity

Medium

Classification

CVE-2015-3237 CWE-20

Tags

Missing Update Known Vulnerabilities