Vulnerability Description
When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (stdout or the application's provide callback), which could lead to other private data from the heap to get inadvertently displayed. The wrong buffer was an uninitialized memory area allocated on the heap and if it turned out to not contain any zero byte, it would continue and display the data following that buffer in memory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Haxx | Libcurl | 7.54.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/100281Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039119Third Party AdvisoryVDB Entry
- https://curl.haxx.se/0809C.patchPatchVendor Advisory
- https://security.gentoo.org/glsa/201709-14PatchThird Party AdvisoryVDB Entry
- https://curl.haxx.se/docs/adv_20170809C.htmlVendor Advisory
- http://www.securityfocus.com/bid/100281Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039119Third Party AdvisoryVDB Entry
- https://curl.haxx.se/0809C.patchPatchVendor Advisory
- https://security.gentoo.org/glsa/201709-14PatchThird Party AdvisoryVDB Entry
FAQ
What is CVE-2017-1000099?
CVE-2017-1000099 is a vulnerability with a CVSS score of 6.5 (MEDIUM). When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (std...
How severe is CVE-2017-1000099?
CVE-2017-1000099 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-1000099?
Check the references section above for vendor advisories and patch information. Affected products include: Haxx Libcurl.