Vulnerability Name:

CVE-2010-0734 (CCN-56203)

Assigned:2010-02-09
Published:2010-02-09
Updated:2018-10-10
Summary:content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact by sending crafted compressed data to an application that relies on the intended data-length limit.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: cURL Web page
cURL

Source: CCN
Type: Project cURL Security Advisory, February 9th 2010
libcurl data callback excessive length

Source: CONFIRM
Type: Vendor Advisory
http://curl.haxx.se/docs/adv_20100209.html

Source: CONFIRM
Type: Vendor Advisory
http://curl.haxx.se/docs/security.html#20100209

Source: CONFIRM
Type: Patch
http://curl.haxx.se/libcurl-contentencoding.patch

Source: MITRE
Type: CNA
CVE-2010-0734

Source: APPLE
Type: UNKNOWN
APPLE-SA-2010-06-15-1

Source: FEDORA
Type: UNKNOWN
FEDORA-2010-2762

Source: FEDORA
Type: UNKNOWN
FEDORA-2010-2720

Source: CCN
Type: VMSA-2010-0015
VMware ESX third party updates for Service Console

Source: CCN
Type: RHSA-2010-0273
Moderate: curl security, bug fix and enhancement update

Source: CCN
Type: RHSA-2010-0329
Moderate: curl security update

Source: CCN
Type: SA38427
cURL / libcURL Excessive Data Length in Callback Function

Source: SECUNIA
Type: UNKNOWN
38843

Source: SECUNIA
Type: UNKNOWN
38981

Source: SECUNIA
Type: UNKNOWN
39087

Source: CCN
Type: SA39734
Avaya Products curl Excessive Data Length in Callback Function

Source: SECUNIA
Type: UNKNOWN
39734

Source: CCN
Type: SA39737
Avaya Products Firefox Multiple Vulnerabilities

Source: CCN
Type: SA40220
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
40220

Source: CCN
Type: SA41618
VMware ESX Server Service Console Multiple Vulnerabilities

Source: CCN
Type: SA43313
VMware ESXi curl Security Issue

Source: SECUNIA
Type: UNKNOWN
45047

Source: SECUNIA
Type: UNKNOWN
48256

Source: GENTOO
Type: UNKNOWN
GLSA-201203-02

Source: CCN
Type: Apple Web site
About the security content of Security Update 2010-004 / Mac OS X v10.6.4

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT4188

Source: CCN
Type: ASA-2010-126
curl security update (RHSA-2010-0329)

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/css/P8/documents/100081819

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/Advisories:rPSA-2010-0072

Source: DEBIAN
Type: UNKNOWN
DSA-2023

Source: DEBIAN
Type: DSA-2023
curl -- buffer overflow

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2010:062

Source: MLIST
Type: Patch
[oss-security] 20100209 CVE Request -- cURL/libCURL 7.20.0

Source: MLIST
Type: Patch
[oss-security] 20100309 Re: CVE Request -- cURL/libCURL 7.20.0

Source: MLIST
Type: Patch
[oss-security] 20100316 Re: CVE Request -- cURL/libCURL 7.20.0

Source: CCN
Type: OSVDB ID: 62217
cURL / libcURL Compressed HTTP Content Registered Callback Overflow

Source: REDHAT
Type: UNKNOWN
RHSA-2010:0329

Source: BUGTRAQ
Type: UNKNOWN
20101027 rPSA-2010-0072-1 curl

Source: BUGTRAQ
Type: UNKNOWN
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

Source: CCN
Type: BID-38162
cURL/libcURL CURLOPT_ENCODING Option Buffer Overflow Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-1158-1

Source: CCN
Type: VMSA-2011-0003
Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2011-0003.html

Source: VUPEN
Type: UNKNOWN
ADV-2010-0571

Source: VUPEN
Type: UNKNOWN
ADV-2010-0602

Source: VUPEN
Type: UNKNOWN
ADV-2010-0660

Source: VUPEN
Type: UNKNOWN
ADV-2010-0725

Source: VUPEN
Type: UNKNOWN
ADV-2010-1481

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=563220

Source: XF
Type: UNKNOWN
curl-libcurl-callback-bo(56203)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10760

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6756

Source: CCN
Type: ASA-2010-125
firefox security update (RHSA-2010-0332)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:curl:libcurl:7.10.5:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.10.6:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.10.7:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.10.8:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.11.0:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.11.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.11.2:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.12:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.12.0:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.12.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.12.2:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.12.3:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.13:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.13.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.13.2:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.14:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.14.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.15:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.15.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.15.2:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.15.3:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.16.3:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.17.0:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.17.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.18.0:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.18.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.18.2:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.19.0:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.19.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.19.2:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.19.3:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.19.4:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.19.5:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.19.6:*:*:*:*:*:*:*
  • OR cpe:/a:curl:libcurl:7.19.7:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:curl:curl:7.12.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.13.2:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.19.3:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.16.3:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.16.4:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.10.5:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.10.6:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.10.7:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.10.8:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.11.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.12:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.12.2:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.13:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.14:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.14.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.15:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.15.1:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.15.3:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.17:*:*:*:*:*:*:*
  • OR cpe:/a:curl:curl:7.18:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:message_networking:-:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:sip_enablement_services:*:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:esxi:3.5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:esxi:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:13184
    P
    		USN-1158-1 -- curl vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13495
    P
    		DSA-2023-1 curl -- buffer overflow
    2014-06-23
    oval:org.mitre.oval:def:6701
    P
    		DSA-2023 curl -- buffer overflow
    2014-06-23
    oval:org.mitre.oval:def:23020
    P
    		ELSA-2010:0273: curl security, bug fix and enhancement update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:22172
    P
    		RHSA-2010:0273: curl security, bug fix and enhancement update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:6756
    V
    		VMware ESX, Service Console update for cURL.
    2014-01-20
    oval:org.mitre.oval:def:10760
    V
    		content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact by sending crafted compressed data to an application that relies on the intended data-length limit.
    2013-04-29
    oval:com.redhat.rhsa:def:20100273
    P
    		RHSA-2010:0273: curl security, bug fix and enhancement update (Moderate)
    2010-03-30
    oval:com.redhat.rhsa:def:20100329
    P
    		RHSA-2010:0329: curl security update (Moderate)
    2010-03-30
    oval:org.debian:def:2023
    V
    		buffer overflow
    2010-03-28
    BACK
    curl libcurl 7.10.5
    curl libcurl 7.10.6
    curl libcurl 7.10.7
    curl libcurl 7.10.8
    curl libcurl 7.11.0
    curl libcurl 7.11.1
    curl libcurl 7.11.2
    curl libcurl 7.12
    curl libcurl 7.12.0
    curl libcurl 7.12.1
    curl libcurl 7.12.2
    curl libcurl 7.12.3
    curl libcurl 7.13
    curl libcurl 7.13.1
    curl libcurl 7.13.2
    curl libcurl 7.14
    curl libcurl 7.14.1
    curl libcurl 7.15
    curl libcurl 7.15.1
    curl libcurl 7.15.2
    curl libcurl 7.15.3
    curl libcurl 7.16.3
    curl libcurl 7.17.0
    curl libcurl 7.17.1
    curl libcurl 7.18.0
    curl libcurl 7.18.1
    curl libcurl 7.18.2
    curl libcurl 7.19.0
    curl libcurl 7.19.1
    curl libcurl 7.19.2
    curl libcurl 7.19.3
    curl libcurl 7.19.4
    curl libcurl 7.19.5
    curl libcurl 7.19.6
    curl libcurl 7.19.7
    curl curl 7.12.1
    curl curl 7.13.2
    curl curl 7.19.3
    curl curl 7.16.3
    curl curl 7.16.4
    curl curl 7.10.5
    curl curl 7.10.6
    curl curl 7.10.7
    curl curl 7.10.8
    curl curl 7.11.1
    curl curl 7.12
    curl curl 7.12.2
    curl curl 7.13
    curl curl 7.14
    curl curl 7.14.1
    curl curl 7.15
    curl curl 7.15.1
    curl curl 7.15.3
    curl curl 7.17
    curl curl 7.18
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake multi network firewall 2.0
    avaya message networking -
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    avaya sip enablement services *
    mandriva linux 2009.0
    mandriva linux 2009.0 -
    debian debian linux 5.0
    vmware esxi 3.5
    mandriva linux 2009.1
    mandriva linux 2009.1
    apple mac os x 10.5.8
    apple mac os x server 10.5.8
    apple mac os x server 10.6
    apple mac os x 10.6
    apple mac os x server 10.6.1
    apple mac os x 10.6.1
    apple mac os x server 10.6.2
    apple mac os x 10.6.2
    vmware esxi 4.0
    apple mac os x 10.6.3
    apple mac os x server 10.6.3
    mandriva enterprise server 5
    mandriva enterprise server 5
    mandriva linux 2010
    mandriva linux 2010