CVE-2015-3237 in Hyperion Essbaseinfo

Summary

The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

04/10/2015

Disclosure

06/22/2015

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
99995Oracle Hyperion Essbase Security (libcurl) input validation20Not definedOfficial fixCVE-2015-3237
95576Oracle Enterprise Manager Ops Center input validation20Not definedOfficial fixCVE-2015-3237
89914Oracle Enterprise Manager Ops Center Networking input validation20Not definedOfficial fixCVE-2015-3237
89900Oracle GlassFish Server Administration input validation20Not definedOfficial fixCVE-2015-3237
76044cURL/libcURL smb_request_state input validation20Not definedNot definedCVE-2015-3237

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!