| Revision Date: | 2022-05-20 | Version: | 1 |
| Title: | CVE-2016-4802 |
| Description: |
Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in the application or current working directory.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | Mitre CVE-2016-4802
SUSE CVE-2016-4802
|
| Platform(s): | SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
| Product(s): | |
| Definition Synopsis |
| Release Information SUSE Linux Enterprise Desktop 12 is installed
OR SUSE Linux Enterprise Desktop 12 SP1 is installed
AND curl is not affected
|
| Definition Synopsis |
| Release Information
SUSE Linux Enterprise Server 11 SP4 is installed
OR SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
AND curl is not affected
|
| Definition Synopsis |
| Release Information
SUSE Linux Enterprise Desktop 12 is installed
OR SUSE Linux Enterprise Desktop 12 SP1 is installed
OR SUSE Linux Enterprise Server 12 is installed
OR SUSE Linux Enterprise Server 12 SP1 is installed
OR SUSE Linux Enterprise Software Development Kit 12 is installed
OR SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
AND curl is not affected
|
| Definition Synopsis |
| Release Information
SUSE Linux Enterprise Server 12 is installed
OR SUSE Linux Enterprise Server 12 SP1 is installed
AND curl is not affected
|