CVE-2014-0015 in cURLinfo

Summary

cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

12/03/2013

Disclosure

02/01/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
12136	haxx.se cURL HTTP NTLM Connection improper authentication	287	Proof-of-Concept	Official fix	CVE-2014-0015

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!