Executive Summary

Informations
NameCVE-2019-5436First vendor Publication2019-05-28
VendorCveLast vendor Modification2019-06-09

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score4.6Attack RangeLocal
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application75

Sources (Detail)

SourceUrl
CONFIRM https://curl.haxx.se/docs/CVE-2019-5436.html
https://security.netapp.com/advisory/ntap-20190606-0004/
https://support.f5.com/csp/article/K55133295
https://support.f5.com/csp/article/K55133295?utm_source=f5support&utm...
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
MLIST http://www.openwall.com/lists/oss-security/2019/09/11/6
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00017.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
DateInformations
2019-10-10 12:11:32
  • Multiple Updates
2019-09-12 12:11:17
  • Multiple Updates
2019-07-26 12:02:47
  • Multiple Updates
2019-06-09 12:01:05
  • Multiple Updates
2019-06-06 13:19:17
  • Multiple Updates
2019-06-05 00:19:52
  • Multiple Updates
2019-06-03 17:19:17
  • Multiple Updates
2019-05-29 17:19:13
  • Multiple Updates
2019-05-29 00:18:58
  • First insertion