Home

CVE-2013-2174

Description

Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a % (percent) character.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.181

Associated Vulnerability

VulnerabilityOS Platform
Vulnerability CVE-2013-2174 are affected in Curl For Windows 7.30.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.21.6Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.21.4Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.21.5Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.21.7Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.22.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.23.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.23.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.24.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.25.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.26.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.27.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.28.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.28.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.29.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.30.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.17.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.18.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.18.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.18.2Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.19.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.19.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.19.2Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.19.3Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.19.4Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.19.5Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.19.6Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.19.7Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.20.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.20.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.21.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.21.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.21.2Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.21.3Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10.1Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10.2Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10.3Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10.4Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.10.5Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.10.6Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.10.7Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.10.8Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.11.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.11.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.11.2Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.12.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.12.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.12.2Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.12.3Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.13.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.13.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.13.2Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.14.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.14.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.15.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.15.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.15.2Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.15.3Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.15.4Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.15.5Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.16.0Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.16.1Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.16.2Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.16.3Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.16.4Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.17.0Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.7Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.7.1Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.7.2Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.7.3Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.8Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.8.1Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.1Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.2Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.3Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.4Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.5Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.6Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.7Windows
Vulnerabilities CVE-2013-1944,CVE-2013-2174,CVE-2014-8150,CVE-2017-1000254 are affected in Curl For Windows 7.9.8Windows
Vulnerabilities CVE-2013-2174 are fixed in Curl For Windows 7.31.0Windows
(RHSA-2013:0983) Moderate: curl security update curl-7.15.5-17.el5_9.i386.rpmLinux
(RHSA-2013:0983) Moderate: curl security update curl-7.15.5-17.el5_9.x86_64.rpmLinux
(RHSA-2013:0983) Moderate: curl security update curl-devel-7.15.5-17.el5_9.i386.rpmLinux
(RHSA-2013:0983) Moderate: curl security update curl-devel-7.15.5-17.el5_9.x86_64.rpmLinux
Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-2174)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234