CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-4802

Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in the application or current working directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 62.5%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.9

References

Products affected by CVE-2016-4802

Haxx » Curl » Version: N/A

cpe:2.3:a:haxx:curl:-
Haxx » Curl » Version: 4.9

cpe:2.3:a:haxx:curl:4.9
Haxx » Curl » Version: 6.0

cpe:2.3:a:haxx:curl:6.0
Haxx » Curl » Version: 6.1

cpe:2.3:a:haxx:curl:6.1
Haxx » Curl » Version: 6.2

cpe:2.3:a:haxx:curl:6.2
Haxx » Curl » Version: 6.3

cpe:2.3:a:haxx:curl:6.3
Haxx » Curl » Version: 6.3.1

cpe:2.3:a:haxx:curl:6.3.1
Haxx » Curl » Version: 6.4

cpe:2.3:a:haxx:curl:6.4
Haxx » Curl » Version: 6.5

cpe:2.3:a:haxx:curl:6.5
Haxx » Curl » Version: 6.5.1

cpe:2.3:a:haxx:curl:6.5.1
Haxx » Curl » Version: 6.5.2

cpe:2.3:a:haxx:curl:6.5.2
Haxx » Curl » Version: 7.1

cpe:2.3:a:haxx:curl:7.1
Haxx » Curl » Version: 7.1.1

cpe:2.3:a:haxx:curl:7.1.1
Haxx » Curl » Version: 7.10

cpe:2.3:a:haxx:curl:7.10
Haxx » Curl » Version: 7.10.1

cpe:2.3:a:haxx:curl:7.10.1
Haxx » Curl » Version: 7.10.2

cpe:2.3:a:haxx:curl:7.10.2
Haxx » Curl » Version: 7.10.3

cpe:2.3:a:haxx:curl:7.10.3
Haxx » Curl » Version: 7.10.4

cpe:2.3:a:haxx:curl:7.10.4
Haxx » Curl » Version: 7.10.5

cpe:2.3:a:haxx:curl:7.10.5
Haxx » Curl » Version: 7.10.6

cpe:2.3:a:haxx:curl:7.10.6
Haxx » Curl » Version: 7.10.7

cpe:2.3:a:haxx:curl:7.10.7
Haxx » Curl » Version: 7.10.8

cpe:2.3:a:haxx:curl:7.10.8
Haxx » Curl » Version: 7.11.0

cpe:2.3:a:haxx:curl:7.11.0
Haxx » Curl » Version: 7.11.1

cpe:2.3:a:haxx:curl:7.11.1
Haxx » Curl » Version: 7.11.2

cpe:2.3:a:haxx:curl:7.11.2
Haxx » Curl » Version: 7.12.0

cpe:2.3:a:haxx:curl:7.12.0
Haxx » Curl » Version: 7.12.1

cpe:2.3:a:haxx:curl:7.12.1
Haxx » Curl » Version: 7.12.2

cpe:2.3:a:haxx:curl:7.12.2
Haxx » Curl » Version: 7.12.3

cpe:2.3:a:haxx:curl:7.12.3
Haxx » Curl » Version: 7.13.0

cpe:2.3:a:haxx:curl:7.13.0
Haxx » Curl » Version: 7.13.1

cpe:2.3:a:haxx:curl:7.13.1
Haxx » Curl » Version: 7.13.2

cpe:2.3:a:haxx:curl:7.13.2
Haxx » Curl » Version: 7.14.0

cpe:2.3:a:haxx:curl:7.14.0
Haxx » Curl » Version: 7.14.1

cpe:2.3:a:haxx:curl:7.14.1
Haxx » Curl » Version: 7.15.0

cpe:2.3:a:haxx:curl:7.15.0
Haxx » Curl » Version: 7.15.1

cpe:2.3:a:haxx:curl:7.15.1
Haxx » Curl » Version: 7.15.2

cpe:2.3:a:haxx:curl:7.15.2
Haxx » Curl » Version: 7.15.3

cpe:2.3:a:haxx:curl:7.15.3
Haxx » Curl » Version: 7.15.4

cpe:2.3:a:haxx:curl:7.15.4
Haxx » Curl » Version: 7.15.5

cpe:2.3:a:haxx:curl:7.15.5
Haxx » Curl » Version: 7.16.0

cpe:2.3:a:haxx:curl:7.16.0
Haxx » Curl » Version: 7.16.1

cpe:2.3:a:haxx:curl:7.16.1
Haxx » Curl » Version: 7.16.2

cpe:2.3:a:haxx:curl:7.16.2
Haxx » Curl » Version: 7.16.3

cpe:2.3:a:haxx:curl:7.16.3
Haxx » Curl » Version: 7.16.4

cpe:2.3:a:haxx:curl:7.16.4
Haxx » Curl » Version: 7.17.0

cpe:2.3:a:haxx:curl:7.17.0
Haxx » Curl » Version: 7.17.1

cpe:2.3:a:haxx:curl:7.17.1
Haxx » Curl » Version: 7.18.0

cpe:2.3:a:haxx:curl:7.18.0
Haxx » Curl » Version: 7.18.1

cpe:2.3:a:haxx:curl:7.18.1
Haxx » Curl » Version: 7.18.2

cpe:2.3:a:haxx:curl:7.18.2
Haxx » Curl » Version: 7.19.0

cpe:2.3:a:haxx:curl:7.19.0
Haxx » Curl » Version: 7.19.1

cpe:2.3:a:haxx:curl:7.19.1
Haxx » Curl » Version: 7.19.2

cpe:2.3:a:haxx:curl:7.19.2
Haxx » Curl » Version: 7.19.3

cpe:2.3:a:haxx:curl:7.19.3
Haxx » Curl » Version: 7.19.4

cpe:2.3:a:haxx:curl:7.19.4
Haxx » Curl » Version: 7.19.5

cpe:2.3:a:haxx:curl:7.19.5
Haxx » Curl » Version: 7.19.6

cpe:2.3:a:haxx:curl:7.19.6
Haxx » Curl » Version: 7.19.7

cpe:2.3:a:haxx:curl:7.19.7
Haxx » Curl » Version: 7.19.7-53

cpe:2.3:a:haxx:curl:7.19.7-53
Haxx » Curl » Version: 7.2

cpe:2.3:a:haxx:curl:7.2
Haxx » Curl » Version: 7.2.1

cpe:2.3:a:haxx:curl:7.2.1
Haxx » Curl » Version: 7.20.0

cpe:2.3:a:haxx:curl:7.20.0
Haxx » Curl » Version: 7.20.1

cpe:2.3:a:haxx:curl:7.20.1
Haxx » Curl » Version: 7.21.0

cpe:2.3:a:haxx:curl:7.21.0
Haxx » Curl » Version: 7.21.1

cpe:2.3:a:haxx:curl:7.21.1
Haxx » Curl » Version: 7.21.2

cpe:2.3:a:haxx:curl:7.21.2
Haxx » Curl » Version: 7.21.3

cpe:2.3:a:haxx:curl:7.21.3
Haxx » Curl » Version: 7.21.4

cpe:2.3:a:haxx:curl:7.21.4
Haxx » Curl » Version: 7.21.5

cpe:2.3:a:haxx:curl:7.21.5
Haxx » Curl » Version: 7.21.6

cpe:2.3:a:haxx:curl:7.21.6
Haxx » Curl » Version: 7.21.7

cpe:2.3:a:haxx:curl:7.21.7
Haxx » Curl » Version: 7.22.0

cpe:2.3:a:haxx:curl:7.22.0
Haxx » Curl » Version: 7.23.0

cpe:2.3:a:haxx:curl:7.23.0
Haxx » Curl » Version: 7.23.1

cpe:2.3:a:haxx:curl:7.23.1
Haxx » Curl » Version: 7.24.0

cpe:2.3:a:haxx:curl:7.24.0
Haxx » Curl » Version: 7.25.0

cpe:2.3:a:haxx:curl:7.25.0
Haxx » Curl » Version: 7.26.0

cpe:2.3:a:haxx:curl:7.26.0
Haxx » Curl » Version: 7.27.0

cpe:2.3:a:haxx:curl:7.27.0
Haxx » Curl » Version: 7.28.0

cpe:2.3:a:haxx:curl:7.28.0
Haxx » Curl » Version: 7.28.1

cpe:2.3:a:haxx:curl:7.28.1
Haxx » Curl » Version: 7.29.0

cpe:2.3:a:haxx:curl:7.29.0
Haxx » Curl » Version: 7.3

cpe:2.3:a:haxx:curl:7.3
Haxx » Curl » Version: 7.30.0

cpe:2.3:a:haxx:curl:7.30.0
Haxx » Curl » Version: 7.31.0

cpe:2.3:a:haxx:curl:7.31.0
Haxx » Curl » Version: 7.32.0

cpe:2.3:a:haxx:curl:7.32.0
Haxx » Curl » Version: 7.33.0

cpe:2.3:a:haxx:curl:7.33.0
Haxx » Curl » Version: 7.34.0

cpe:2.3:a:haxx:curl:7.34.0
Haxx » Curl » Version: 7.35.0

cpe:2.3:a:haxx:curl:7.35.0
Haxx » Curl » Version: 7.36.0

cpe:2.3:a:haxx:curl:7.36.0
Haxx » Curl » Version: 7.37.0

cpe:2.3:a:haxx:curl:7.37.0
Haxx » Curl » Version: 7.37.1

cpe:2.3:a:haxx:curl:7.37.1
Haxx » Curl » Version: 7.38.0

cpe:2.3:a:haxx:curl:7.38.0
Haxx » Curl » Version: 7.39.0

cpe:2.3:a:haxx:curl:7.39.0
Haxx » Curl » Version: 7.4

cpe:2.3:a:haxx:curl:7.4
Haxx » Curl » Version: 7.4.1

cpe:2.3:a:haxx:curl:7.4.1
Haxx » Curl » Version: 7.4.2

cpe:2.3:a:haxx:curl:7.4.2
Haxx » Curl » Version: 7.40.0

cpe:2.3:a:haxx:curl:7.40.0
Haxx » Curl » Version: 7.41.0

cpe:2.3:a:haxx:curl:7.41.0
Haxx » Curl » Version: 7.42.0

cpe:2.3:a:haxx:curl:7.42.0
Haxx » Curl » Version: 7.42.1

cpe:2.3:a:haxx:curl:7.42.1
Haxx » Curl » Version: 7.43.0

cpe:2.3:a:haxx:curl:7.43.0
Haxx » Curl » Version: 7.44.0

cpe:2.3:a:haxx:curl:7.44.0
Haxx » Curl » Version: 7.45.0

cpe:2.3:a:haxx:curl:7.45.0
Haxx » Curl » Version: 7.46.0

cpe:2.3:a:haxx:curl:7.46.0
Haxx » Curl » Version: 7.47.0

cpe:2.3:a:haxx:curl:7.47.0
Haxx » Curl » Version: 7.47.1

cpe:2.3:a:haxx:curl:7.47.1
Haxx » Curl » Version: 7.48.0

cpe:2.3:a:haxx:curl:7.48.0
Haxx » Curl » Version: 7.49.0

cpe:2.3:a:haxx:curl:7.49.0
Haxx » Curl » Version: 7.5

cpe:2.3:a:haxx:curl:7.5
Haxx » Curl » Version: 7.5.1

cpe:2.3:a:haxx:curl:7.5.1
Haxx » Curl » Version: 7.5.2

cpe:2.3:a:haxx:curl:7.5.2
Haxx » Curl » Version: 7.6

cpe:2.3:a:haxx:curl:7.6
Haxx » Curl » Version: 7.6.1

cpe:2.3:a:haxx:curl:7.6.1
Haxx » Curl » Version: 7.7

cpe:2.3:a:haxx:curl:7.7
Haxx » Curl » Version: 7.7.1

cpe:2.3:a:haxx:curl:7.7.1
Haxx » Curl » Version: 7.7.2

cpe:2.3:a:haxx:curl:7.7.2
Haxx » Curl » Version: 7.7.3

cpe:2.3:a:haxx:curl:7.7.3
Haxx » Curl » Version: 7.8

cpe:2.3:a:haxx:curl:7.8
Haxx » Curl » Version: 7.8.1

cpe:2.3:a:haxx:curl:7.8.1
Haxx » Curl » Version: 7.9

cpe:2.3:a:haxx:curl:7.9
Haxx » Curl » Version: 7.9.1

cpe:2.3:a:haxx:curl:7.9.1
Haxx » Curl » Version: 7.9.2

cpe:2.3:a:haxx:curl:7.9.2
Haxx » Curl » Version: 7.9.3

cpe:2.3:a:haxx:curl:7.9.3
Haxx » Curl » Version: 7.9.4

cpe:2.3:a:haxx:curl:7.9.4
Haxx » Curl » Version: 7.9.5

cpe:2.3:a:haxx:curl:7.9.5
Haxx » Curl » Version: 7.9.6

cpe:2.3:a:haxx:curl:7.9.6
Haxx » Curl » Version: 7.9.7

cpe:2.3:a:haxx:curl:7.9.7
Haxx » Curl » Version: 7.9.8

cpe:2.3:a:haxx:curl:7.9.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-4802

Products

Pricing

Contact Us