CVE-2015-3145

Published: Apr 24, 2015Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.

Affected (41)

Products: Fedoraproject: Fedora · Canonical: Ubuntu Linux · Debian: Debian Linux · +5 more

Show all products

Fedoraproject: Fedora · Canonical: Ubuntu Linux · Debian: Debian Linux · Haxx: Curl, Libcurl · Apple: Mac Os X · Oracle: Solaris · Hp: System Management Homepage · Opensuse: Opensuse

1 product

1 product

1 product

2 products

1 product

1 product

1 product

System Management Homepage

Opensuse

1 product

Opensuse

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 21
Fedoraproject Fedora	Version 22

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 14.10
Canonical Ubuntu Linux	Version 15.04
Debian Debian Linux	Version 7.0

Configuration C

12 vulnerable

Vulnerable Software	Affected Versions
Haxx Curl	Version 7.31.0
Haxx Curl	Version 7.32.0
Haxx Curl	Version 7.33.0
Haxx Curl	Version 7.34.0
Haxx Curl	Version 7.35.0
Haxx Curl	Version 7.36.0
Haxx Curl	Version 7.37.0
Haxx Curl	Version 7.37.1
Haxx Curl	Version 7.38.0
Haxx Curl	Version 7.39.0
Haxx Curl	Version 7.40.0
Haxx Curl	Version 7.41.0

Configuration D

5 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Version 10.10.0
Apple Mac Os X	Version 10.10.1
Apple Mac Os X	Version 10.10.2
Apple Mac Os X	Version 10.10.3
Apple Mac Os X	Version 10.10.4

Configuration E

1 vulnerable

Vulnerable Software	Affected Versions
Oracle Solaris	Version 11.3

Configuration F

13 vulnerable

Vulnerable Software	Affected Versions
Haxx Libcurl	Version 7.30.0
Haxx Libcurl	Version 7.31.0
Haxx Libcurl	Version 7.32.0
Haxx Libcurl	Version 7.33.0
Haxx Libcurl	Version 7.34.0
Haxx Libcurl	Version 7.35.0
Haxx Libcurl	Version 7.36.0
Haxx Libcurl	Version 7.37.0
Haxx Libcurl	Version 7.37.1
Haxx Libcurl	Version 7.38.0
Haxx Libcurl	Version 7.39
Haxx Libcurl	Version 7.40.0
Haxx Libcurl	Version 7.41.0

Configuration G

1 vulnerable

Vulnerable Software	Affected Versions
Hp System Management Homepage	Up to 7.5.3.1

Configuration H

2 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 13.1
Opensuse Opensuse	Version 13.2

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (40)

http://advisories.mageia.org/MGASA-2015-0179.html

Source: secalert@redhat.com

Third Party Advisory

http://curl.haxx.se/docs/adv_20150422C.html

Source: secalert@redhat.com

Vendor Advisory

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743

Source: secalert@redhat.com

http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html

Source: secalert@redhat.com

Third Party Advisory

http://www.debian.org/security/2015/dsa-3232

Source: secalert@redhat.com

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2015:219

Source: secalert@redhat.com

Third Party Advisory

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Source: secalert@redhat.com

http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

Source: secalert@redhat.com

Third Party Advisory

http://www.securityfocus.com/bid/74303

Source: secalert@redhat.com

http://www.securitytracker.com/id/1032232

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2591-1

Source: secalert@redhat.com

Third Party Advisory

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763

Source: secalert@redhat.com

Third Party Advisory

https://security.gentoo.org/glsa/201509-02

Source: secalert@redhat.com

https://support.apple.com/kb/HT205031

Source: secalert@redhat.com

Third Party Advisory

http://advisories.mageia.org/MGASA-2015-0179.html