Unspecified vulnerability in curl via IP addresses - CVE-2014-3613
|ID: oval:org.secpod.oval:def:21806||Date: (C)2014-12-01 (M)2017-10-27|
|Class: VULNERABILITY||Family: unix|
The host is installed with curl before 7.38.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which does not properly handle IP addresses in cookie domain names. Successful exploitation allows remote attackers to set cookies for or send arbitrary cookies to certain sites.
|Red Hat Enterprise Linux 6|
|Red Hat Enterprise Linux 7|
|Red Hat Enterprise Linux 5|