Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?" separator in the hostname portion, which causes a "/" to be prepended to the resulting string.
Vector: LOCAL
Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
Daniel Stenberg Curl 7.15 (not an official CPE)
Daniel Stenberg Curl 7.14.1 (not an official CPE)
Daniel Stenberg Curl 7.14 (not an official CPE)
Daniel Stenberg Curl 7.13.2 (not an official CPE)
Daniel Stenberg Curl 7.13.1 (not an official CPE)
Daniel Stenberg Curl 7.13 (not an official CPE)
Daniel Stenberg Curl 7.12.3 (not an official CPE)
Daniel Stenberg Curl 7.12.2 (not an official CPE)
Daniel Stenberg Curl 7.12.1 (not an official CPE)
Daniel Stenberg Curl 7.12 (not an official CPE)
Daniel Stenberg Curl 7.11.2 (not an official CPE)