Vulnerability Details CVE-2000-0973
Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.1
EPSS Ranking 92.7%
CVSS Severity
CVSS v2 Score 10.0
References
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html
- http://www.securityfocus.com/bid/1804
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5374
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html
- http://www.securityfocus.com/bid/1804
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5374
Products affected by CVE-2000-0973
-
cpe:2.3:a:daniel_stenberg:curl:6.0
-
cpe:2.3:a:daniel_stenberg:curl:6.1
-
cpe:2.3:a:daniel_stenberg:curl:6.1beta
-
cpe:2.3:a:daniel_stenberg:curl:6.3
-
cpe:2.3:a:daniel_stenberg:curl:6.4
-
cpe:2.3:a:daniel_stenberg:curl:6.5
-
cpe:2.3:a:daniel_stenberg:curl:6.5.1
-
cpe:2.3:a:daniel_stenberg:curl:6.5.2
-
cpe:2.3:a:daniel_stenberg:curl:7.1
-
cpe:2.3:a:daniel_stenberg:curl:7.1.1
-
cpe:2.3:a:daniel_stenberg:curl:7.2
-
cpe:2.3:a:daniel_stenberg:curl:7.2.1
-
cpe:2.3:a:daniel_stenberg:curl:7.3
-
cpe:2.3:a:daniel_stenberg:curl:7.4