CVE-2019-3823

libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.
References
Link Resource
http://www.securityfocus.com/bid/106950 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2019:3701
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823 Exploit Issue Tracking Patch Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf
https://curl.haxx.se/docs/CVE-2019-3823.html Patch Vendor Advisory
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E
https://security.gentoo.org/glsa/201903-03 Third Party Advisory
https://security.netapp.com/advisory/ntap-20190315-0001/ Exploit Third Party Advisory
https://usn.ubuntu.com/3882-1/ Third Party Advisory
https://www.debian.org/security/2019/dsa-4386 Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
http://www.securityfocus.com/bid/106950 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2019:3701
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823 Exploit Issue Tracking Patch Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf
https://curl.haxx.se/docs/CVE-2019-3823.html Patch Vendor Advisory
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E
https://security.gentoo.org/glsa/201903-03 Third Party Advisory
https://security.netapp.com/advisory/ntap-20190315-0001/ Exploit Third Party Advisory
https://usn.ubuntu.com/3882-1/ Third Party Advisory
https://www.debian.org/security/2019/dsa-4386 Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
Configurations

Configuration 1 (hide)

cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*

History

21 Nov 2024, 04:42

Type Values Removed Values Added
CVSS v2 : 5.0
v3 : 7.5
v2 : 5.0
v3 : 4.3
References () http://www.securityfocus.com/bid/106950 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/106950 - Third Party Advisory, VDB Entry
References () https://access.redhat.com/errata/RHSA-2019:3701 - () https://access.redhat.com/errata/RHSA-2019:3701 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823 - Exploit, Issue Tracking, Patch, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823 - Exploit, Issue Tracking, Patch, Third Party Advisory
References () https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf - () https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf -
References () https://curl.haxx.se/docs/CVE-2019-3823.html - Patch, Vendor Advisory () https://curl.haxx.se/docs/CVE-2019-3823.html - Patch, Vendor Advisory
References () https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E - () https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E -
References () https://security.gentoo.org/glsa/201903-03 - Third Party Advisory () https://security.gentoo.org/glsa/201903-03 - Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20190315-0001/ - Exploit, Third Party Advisory () https://security.netapp.com/advisory/ntap-20190315-0001/ - Exploit, Third Party Advisory
References () https://usn.ubuntu.com/3882-1/ - Third Party Advisory () https://usn.ubuntu.com/3882-1/ - Third Party Advisory
References () https://www.debian.org/security/2019/dsa-4386 - Third Party Advisory () https://www.debian.org/security/2019/dsa-4386 - Third Party Advisory
References () https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - Patch, Third Party Advisory () https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - Patch, Third Party Advisory
References () https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html - () https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html -

Information

Published : 2019-02-06 20:29

Updated : 2024-11-21 04:42


NVD link : CVE-2019-3823

Mitre link : CVE-2019-3823

CVE.ORG link : CVE-2019-3823


JSON object : View

Products Affected

oracle

  • http_server
  • secure_global_desktop
  • communications_operations_monitor

canonical

  • ubuntu_linux

netapp

  • clustered_data_ontap

debian

  • debian_linux

haxx

  • libcurl
CWE
CWE-125

Out-of-bounds Read