| Revision Date: | 2016-06-24 | Version: | 1 | | Title: | CVE-2016-4802 on Ubuntu 16.04 LTS (xenial) - medium. | | Description: | Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in the application or current working directory.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2016-4802
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT curl package in xenial, while related to the CVE in some way, is not affected.
OR NOT libcurl3 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libcurl3-gnutls package in xenial, while related to the CVE in some way, is not affected.
OR NOT libcurl3-nss package in xenial, while related to the CVE in some way, is not affected.
|
|