#VU655 Arbitrary code execution in libcurl


Published: 2016-09-23

Vulnerability identifier: #VU655

Vulnerability risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7167

CWE-ID: CWE-191

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libcurl
Universal components / Libraries / Libraries used by multiple products

Vendor: curl.haxx.se

Description
The vulnerability exposes a remote user's possibility to cause arbitrary code execution on the target system.
The weakness exists due to integer overflow. Using of specially crafted length parameter value to certain libcurl functions allows attackers to obtain potentially sensitive information and execute arbitrary code.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation
Update to 7.50.3.

Vulnerable software versions

libcurl: 7.10.6 - 7.50.2

External links
http://curl.haxx.se/docs/adv_20160914.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell EMC Unisphere Central
Multiple vulnerabilities in Hitachi Energy MSM Product
OpenSUSE Linux update for curl
SUSE Linux update for curl
SUSE Linux update for curl
Arch Linux update for curl
Arch Linux update for lib32-curl
Arch Linux update for curl
Slackware Linux update for curl
Arbitrary code execution in curl (Alpine package)