Executive Summary

Informations
NameCVE-2016-8618First vendor Publication2018-07-31
VendorCveLast vendor Modification2018-11-13

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

CWE : Common Weakness Enumeration

%idName
100 %CWE-415Double Free

CPE : Common Platform Enumeration

TypeDescriptionCount
Application131

Nessus® Vulnerability Scanner

DateDescription
2017-12-26Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL10196624.nasl - Type : ACT_GATHER_INFO
2017-05-02Name : An application installed on the remote host is affected by multiple vulnerabi...
File : oracle_secure_global_desktop_apr_2017_cpu.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1035.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1036.nasl - Type : ACT_GATHER_INFO
2017-01-20Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201701-47.nasl - Type : ACT_GATHER_INFO
2016-12-16Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_12_2.nasl - Type : ACT_GATHER_INFO
2016-11-21Name : The remote Fedora host is missing a security update.
File : fedora_2016-89769648a0.nasl - Type : ACT_GATHER_INFO
2016-11-18Name : The remote Debian host is missing a security update.
File : debian_DLA-711.nasl - Type : ACT_GATHER_INFO
2016-11-14Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1280.nasl - Type : ACT_GATHER_INFO
2016-11-11Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2016-766.nasl - Type : ACT_GATHER_INFO
2016-11-07Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3705.nasl - Type : ACT_GATHER_INFO
2016-11-07Name : The remote Fedora host is missing a security update.
File : fedora_2016-e8e8cdb4ed.nasl - Type : ACT_GATHER_INFO
2016-11-04Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2016-308-01.nasl - Type : ACT_GATHER_INFO
2016-11-04Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2714-1.nasl - Type : ACT_GATHER_INFO
2016-11-04Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3123-1.nasl - Type : ACT_GATHER_INFO
2016-11-03Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_765feb7da0d111e6a881b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2016-11-03Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2699-1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/94098
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8618
https://curl.haxx.se/docs/adv_20161102D.html
https://www.tenable.com/security/tns-2016-21
GENTOO https://security.gentoo.org/glsa/201701-47
REDHAT https://access.redhat.com/errata/RHSA-2018:2486
https://access.redhat.com/errata/RHSA-2018:3558
SECTRACK http://www.securitytracker.com/id/1037192

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
DateInformations
2018-11-13 17:19:22
  • Multiple Updates
2018-10-17 09:20:20
  • Multiple Updates
2018-10-11 17:19:45
  • Multiple Updates
2018-08-17 17:19:30
  • Multiple Updates
2018-08-02 09:18:51
  • Multiple Updates
2018-08-01 00:19:30
  • First insertion