libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an
ASN.1 Generalized Time field. If given an syntactically incorrect field, the
parser might end up using -1 for the length of the *time fraction*, leading to
a `strlen()` getting performed on a pointer to a heap buffer area that is not
(purposely) null terminated.
This flaw most likely leads to a crash, but can also lead to heap contents
getting returned to the application when
[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.
Metrics
Affected Vendors & Products
References
History
Wed, 28 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Mon, 12 Aug 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Haxx
Haxx libcurl |
|
CPEs | cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:* | |
Vendors & Products |
Haxx
Haxx libcurl |
|
Metrics |
cvssV3_1
|
cvssV3_1
|
Wed, 07 Aug 2024 03:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-125 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: curl
Published: 2024-07-31T08:08:14.585Z
Updated: 2024-08-28T15:02:52.325Z
Reserved: 2024-07-30T08:04:22.389Z
Link: CVE-2024-7264
Vulnrichment
Updated: 2024-08-28T15:02:52.325Z
NVD
Status : Analyzed
Published: 2024-07-31T08:15:02.657
Modified: 2024-08-12T17:30:51.880
Link: CVE-2024-7264
Redhat