Vulnerability CVE-2015-3237: Information
Description
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
Severity: MEDIUM (6.4)
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
curl | sisyphus | 7.43.0-alt1 | 8.7.1-alt2 | ALT-PU-2015-1555-1 | 145590 | Fixed |
curl | p10 | 7.43.0-alt1 | 8.7.1-alt2 | ALT-PU-2015-1555-1 | 145590 | Fixed |
curl | p9 | 7.43.0-alt1 | 7.79.0-alt2 | ALT-PU-2015-1555-1 | 145590 | Fixed |
curl | c10f1 | 7.43.0-alt1 | 8.6.0-alt1 | ALT-PU-2015-1555-1 | 145590 | Fixed |
curl | c9f2 | 7.43.0-alt1 | 8.6.0-alt1 | ALT-PU-2015-1555-1 | 145590 | Fixed |
curl | c7 | 7.56.1-alt1.M70C.1.1 | 7.56.1-alt1.M70C.1.1 | ALT-PU-2018-1442-1 | 202075 | Fixed |