[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

MDVSA-2010:062 -- Mandriva curl

ID: oval:org.secpod.oval:def:300054Date: (C)2012-01-07   (M)2022-09-20
Class: PATCHFamily: unix




A vulnerability has been found and corrected in curl: content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service or have unspecified other impact by sending crafted compressed data to an application that relies on the intended data-length limit . Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct theis issue.

Platform:
Mandriva Linux 2010.0
Mandriva Linux 2009.0
Mandriva Linux 2009.1
Mandriva Linux 2008.0
Product:
curl
Reference:
MDVSA-2010:062
CVE-2010-0734
CVE    1
CVE-2010-0734
CPE    4
cpe:/o:mandriva:linux:2009.0
cpe:/o:mandriva:linux:2008.0
cpe:/o:mandriva:linux:2009.1
cpe:/o:mandriva:linux:2010.0
...

© SecPod Technologies