CVE-2013-1944
Description
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.482
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2013-1944 are affected in Curl For Windows 7.29.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.21.6 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.21.4 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.21.5 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.21.7 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.22.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.23.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.23.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.24.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.25.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.26.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.27.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.28.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.28.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.29.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.17.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.18.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.18.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.18.2 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.19.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.19.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.19.2 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.19.3 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.19.4 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.19.5 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.19.6 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.19.7 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.20.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.20.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.21.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.21.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.21.2 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.21.3 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 6.0 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 6.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 6.2 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 6.3 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 6.3.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 6.4 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 6.5 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 6.5.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 6.5.2 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.1.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10.2 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10.3 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10.4 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10.5 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.10.6 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.10.7 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.10.8 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.11.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.11.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.11.2 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.12.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.12.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.12.2 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.12.3 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.13.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.13.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.13.2 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.14.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.14.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.15.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.15.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.15.2 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.15.3 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.15.4 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.15.5 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.16.0 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.16.1 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.16.2 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.16.3 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.16.4 | Windows |
| Multiple Vulnerabilities are affected in Curl For Windows 7.17.0 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.2 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.2.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.3 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.4 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150,CVE-2017-1000101 are affected in Curl For Windows 7.4.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.4.2 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.5.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.5.2 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.6 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2014-8150 are affected in Curl For Windows 7.6.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.7 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.7.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.7.2 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.7.3 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.8 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.8.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.1 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.2 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.3 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.4 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.5 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.6 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.7 | Windows |
| Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.8 | Windows |
| Vulnerabilities CVE-2013-1944 are fixed in Curl For Windows 7.30.0 | Windows |
| Multiple vulnerabilities are fixed in OS X Mavericks 10.9.5 Update | Mac |
| Multiple vulnerabilities are fixed in OS X Mavericks 10.9.5 Update (Combo) | Mac |
| HTTP, HTTPS, and FTP client and client libraries (USN-1801-1) curl_7.22.0-3ubuntu4.17_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-1801-1) curl_7.22.0-3ubuntu4.17_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-1801-1) libcurl3_7.22.0-3ubuntu4.14_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-1801-1) libcurl3_7.22.0-3ubuntu4.14_amd64.deb | Linux |
| Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1944) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-600222 | OS X Mavericks 10.9.5 Update |
| PATCH-600223 | OS X Mavericks 10.9.5 Update (Combo) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234