Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2019-3823
Description:libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.
Test IDs: 1.3.6.1.4.1.25623.1.0.704386  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-3823
BugTraq ID: 106950
http://www.securityfocus.com/bid/106950
Debian Security Information: DSA-4386 (Google Search)
https://www.debian.org/security/2019/dsa-4386
https://security.gentoo.org/glsa/201903-03
https://curl.haxx.se/docs/CVE-2019-3823.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
RedHat Security Advisories: RHSA-2019:3701
https://access.redhat.com/errata/RHSA-2019:3701
https://usn.ubuntu.com/3882-1/




© 1998-2024 E-Soft Inc. All rights reserved.