Executive Summary

Informations
Name CVE-2015-3237 First vendor Publication 2015-06-22
Vendor Cve Last vendor Modification 2018-10-17

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Cvss Base Score 6.4 Attack Range Network
Cvss Impact Score 4.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 4
Application 4
Application 94
Application 3
Application 2

Nessus® Vulnerability Scanner

Date Description
2016-07-20 Name : The remote web server is affected by multiple vulnerabilities.
File : glassfish_cve-2015-3237.nasl - Type : ACT_GATHER_INFO
2016-07-20 Name : The remote web server is affected by multiple vulnerabilities.
File : glassfish_cve-2016-3608.nasl - Type : ACT_GATHER_INFO
2016-05-18 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_5_5.nasl - Type : ACT_GATHER_INFO
2015-10-30 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2015-302-01.nasl - Type : ACT_GATHER_INFO
2015-09-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201509-02.nasl - Type : ACT_GATHER_INFO
2015-06-25 Name : The remote Fedora host is missing a security update.
File : fedora_2015-10155.nasl - Type : ACT_GATHER_INFO
2015-06-25 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-446.nasl - Type : ACT_GATHER_INFO
2015-06-22 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-551.nasl - Type : ACT_GATHER_INFO
2015-06-18 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_2438d4af153811e5a1063c970e169bc2.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/75387
http://www.securityfocus.com/bid/91787
CONFIRM http://curl.haxx.se/docs/adv_20150617B.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html
GENTOO https://security.gentoo.org/glsa/201509-02
SECTRACK http://www.securitytracker.com/id/1036371

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Date Informations
2020-05-23 01:55:35
  • Multiple Updates
2020-05-23 00:45:08
  • Multiple Updates
2018-10-17 09:20:15
  • Multiple Updates
2018-03-03 12:03:09
  • Multiple Updates
2017-09-01 09:24:43
  • Multiple Updates
2016-12-22 09:23:58
  • Multiple Updates
2016-12-03 09:24:12
  • Multiple Updates
2016-11-29 00:25:11
  • Multiple Updates
2016-10-15 09:24:41
  • Multiple Updates
2016-08-23 09:24:54
  • Multiple Updates
2016-08-20 09:22:30
  • Multiple Updates
2016-08-17 09:23:50
  • Multiple Updates
2016-08-16 21:25:05
  • Multiple Updates
2016-08-09 09:24:05
  • Multiple Updates
2016-08-05 00:23:35
  • Multiple Updates
2016-07-22 13:38:25
  • Multiple Updates
2016-07-22 12:03:27
  • Multiple Updates
2016-06-15 09:26:11
  • Multiple Updates
2016-05-19 13:27:02
  • Multiple Updates
2016-04-27 02:20:29
  • Multiple Updates
2015-10-31 13:23:59
  • Multiple Updates
2015-09-26 13:24:15
  • Multiple Updates
2015-07-02 00:26:58
  • Multiple Updates
2015-06-26 13:27:33
  • Multiple Updates
2015-06-24 05:26:14
  • Multiple Updates
2015-06-24 00:25:38
  • Multiple Updates
2015-06-23 21:27:03
  • Multiple Updates
2015-06-23 13:27:35
  • Multiple Updates
2015-06-23 00:24:58
  • First insertion