Vulnerability & Exploit Database

Back to search

Oracle Solaris 11: CVE-2015-3236: Vulnerability in libcurl

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:P/I:N/A:N) June 21, 2015 May 28, 2017 May 28, 2017

Description

cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote attackers to obtain sensitive information via unspecified vectors.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

oracle-solaris-11-3-upgrade-web-curl-7-45-0-0-175-3-5-0-4-0

Related Vulnerabilities