FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cURL -- buffer overflow

Affected packages
7.1 <= curl < 7.52

Details

VuXML ID 42880202-c81c-11e6-a9a5-b499baebfeaf
Discovery 2016-12-21
Entry 2016-12-22

The cURL project reports:

printf floating point buffer overflow

libcurl's implementation of the printf() functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion outputs more than 255 bytes.

[source]

References

CVE Name CVE-2016-9586
URL https://curl.haxx.se/docs/vuln-7.51.0.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.