CVE-2015-3237

Description

The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

5.127

Associated Vulnerability

Vulnerability	OS Platform
Update HP System Management Homepage Detection (x64) 7.5.3.1 to latest version	Windows
Update HP System Management Homepage Detection 7.5.3.1 to latest version	Windows
Vulnerability CVE-2015-3236,CVE-2015-3237 are affected in Curl For Windows 7.42.1	Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.40.0	Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.41.0	Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.42.0	Windows
Multiple Vulnerabilities are affected in Curl For Windows 7.42.1	Windows
Vulnerabilities CVE-2015-3237,CVE-2015-3236 are fixed in Curl For Windows 7.43.0	Windows
Update HP System Management Homepage Detection 7.5.3.1 to latest version (For Ubuntu)	Linux
Update HP System Management Homepage Detection 7.5.3.1 to latest version (For Debian)	Linux
Update HP System Management Homepage Detection 7.5.3.1 to latest version (For Centos)	Linux
Update HP System Management Homepage Detection 7.5.3.1 to latest version (For RedHat)	Linux
Update HP System Management Homepage Detection 7.5.3.1 to latest version (For Suse)	Linux
Multiple Vulnerabilities affected in system_management_homepage 7.5.3.1	NCM
Multiple Vulnerabilities affected in system_management_homepage 7.4.0	NCM
Multiple Vulnerabilities affected in system_management_homepage 6.2.2.7	NCM
Multiple Vulnerabilities affected in system_management_homepage 6.1	NCM
Multiple Vulnerabilities affected in system_management_homepage 6.0	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.2.7	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.2.2	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.9	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.8	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.7-168	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.7	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.6-156	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.6	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.5-146	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.5	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.3	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.2-127	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.2	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.0-118	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.0-109	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.0-103(a)	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.0-103	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.0.2	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.0.1	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.0.0	NCM
Multiple Vulnerabilities affected in system_management_homepage 6.2.0	NCM
Multiple Vulnerabilities affected in system_management_homepage 6.1.0.102	NCM
Multiple Vulnerabilities affected in system_management_homepage 6.1.0-103	NCM
Multiple Vulnerabilities affected in system_management_homepage 6.0.0.96	NCM
Multiple Vulnerabilities affected in system_management_homepage 6.0.0-95	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.12-200	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.12-118	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.11-197	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.11	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.10-186	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.9-178	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.8-177	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.7.168	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.6.156	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.5.146-b	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.5.146	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.4.143	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.4-143	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.2.127	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.0.121	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.0.2.106	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.0.1.104	NCM
Multiple Vulnerabilities affected in system_management_homepage 7.2.1	NCM
Multiple Vulnerabilities affected in system_management_homepage 7.2	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.2.6	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.11.197-a	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.10.186-c	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.10.186-b	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.10.186	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.10	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.8.179	NCM
Multiple Vulnerabilities affected in system_management_homepage 7.1	NCM
Multiple Vulnerabilities affected in system_management_homepage 7.0	NCM
Multiple Vulnerabilities affected in system_management_homepage 6.3.1	NCM
Multiple Vulnerabilities affected in system_management_homepage 6.3.0	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.2.8	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.15.210	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.15-210	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.15	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.14.20	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.14	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.12.201	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.0.0.64	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.0.0-68	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.0.0	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.0.2.77-b	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.0.2.77	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.0.2-77	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.0.2	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.0.1.73	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.0.1-73	NCM
Multiple Vulnerabilities affected in system_management_homepage 3.0.1	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.4	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.3.132	NCM
Multiple Vulnerabilities affected in system_management_homepage 2.1.1	NCM
Improper Input Validation Vulnerability (CVE-2015-3237)	NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234