CVE-2016-3739

Published: May 20, 2016Modified: May 6, 2026

5.3

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

Exploitability: 1.6 / Impact: 3.6

Source: NVD

Description

The (1) mbed_connect_step1 function in lib/vtls/mbedtls.c and (2) polarssl_connect_step1 function in lib/vtls/polarssl.c in cURL and libcurl before 7.49.0, when using SSLv3 or making a TLS connection to a URL that uses a numerical IP address, allow remote attackers to spoof servers via an arbitrary valid certificate.

Affected (37)

Products: Haxx: Curl

1 product

Configuration A

37 vulnerable

Vulnerable Software	Affected Versions
Haxx Curl	Version 7.21.0
Haxx Curl	Version 7.21.1
Haxx Curl	Version 7.21.2
Haxx Curl	Version 7.21.3
Haxx Curl	Version 7.21.4
Haxx Curl	Version 7.21.5
Haxx Curl	Version 7.21.6
Haxx Curl	Version 7.21.7
Haxx Curl	Version 7.22.0
Haxx Curl	Version 7.23.0
Haxx Curl	Version 7.23.1
Haxx Curl	Version 7.24.0
Haxx Curl	Version 7.25.0
Haxx Curl	Version 7.26.0
Haxx Curl	Version 7.27.0
Haxx Curl	Version 7.28.0
Haxx Curl	Version 7.28.1
Haxx Curl	Version 7.29.0
Haxx Curl	Version 7.30.0
Haxx Curl	Version 7.31.0
Haxx Curl	Version 7.32.0
Haxx Curl	Version 7.33.0
Haxx Curl	Version 7.34.0
Haxx Curl	Version 7.35.0
Haxx Curl	Version 7.36.0
Haxx Curl	Version 7.38.0
Haxx Curl	Version 7.39.0
Haxx Curl	Version 7.40.0
Haxx Curl	Version 7.41.0
Haxx Curl	Version 7.42.0
Haxx Curl	Version 7.42.1
Haxx Curl	Version 7.43.0
Haxx Curl	Version 7.44.0
Haxx Curl	Version 7.45.0
Haxx Curl	Version 7.46.0
Haxx Curl	Version 7.47.0
Haxx Curl	Version 7.48.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (22)

http://www.openwall.com/lists/oss-security/2024/03/27/4

Source: secalert@redhat.com

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/90726

Source: secalert@redhat.com

http://www.securitytracker.com/id/1035907

Source: secalert@redhat.com

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.495349

Source: secalert@redhat.com

https://curl.haxx.se/CVE-2016-3739.patch

Source: secalert@redhat.com

Vendor Advisory

https://curl.haxx.se/changes.html#7_49_0

Source: secalert@redhat.com

https://curl.haxx.se/docs/adv_20160518.html

Source: secalert@redhat.com

Vendor Advisory

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

Source: secalert@redhat.com

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

Source: secalert@redhat.com

https://security.gentoo.org/glsa/201701-47

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2024/03/27/4

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/90726

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1035907

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.495349

Source: af854a3a-2127-422b-91ae-364da2661108

https://curl.haxx.se/CVE-2016-3739.patch

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://curl.haxx.se/changes.html#7_49_0

Source: af854a3a-2127-422b-91ae-364da2661108

https://curl.haxx.se/docs/adv_20160518.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

Source: af854a3a-2127-422b-91ae-364da2661108

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/201701-47

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.