Description
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
Remediation
References
Related Vulnerabilities
MySQL CVE-2021-2304 Vulnerability (CVE-2021-2304)
Oracle Application Server CVE-2007-5526 Vulnerability (CVE-2007-5526)
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-34750)
WordPress Plugin Social Sharing-Sassy Social Share PHP Object Injection (3.3.23)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-7838)