Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2016-9952

The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.042
EPSS Ranking 88.1%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.8
Products affected by CVE-2016-9952
  • Haxx » Curl » Version: 7.30.0
    cpe:2.3:a:haxx:curl:7.30.0
  • Haxx » Curl » Version: 7.31.0
    cpe:2.3:a:haxx:curl:7.31.0
  • Haxx » Curl » Version: 7.32.0
    cpe:2.3:a:haxx:curl:7.32.0
  • Haxx » Curl » Version: 7.33.0
    cpe:2.3:a:haxx:curl:7.33.0
  • Haxx » Curl » Version: 7.34.0
    cpe:2.3:a:haxx:curl:7.34.0
  • Haxx » Curl » Version: 7.35.0
    cpe:2.3:a:haxx:curl:7.35.0
  • Haxx » Curl » Version: 7.36.0
    cpe:2.3:a:haxx:curl:7.36.0
  • Haxx » Curl » Version: 7.37.0
    cpe:2.3:a:haxx:curl:7.37.0
  • Haxx » Curl » Version: 7.37.1
    cpe:2.3:a:haxx:curl:7.37.1
  • Haxx » Curl » Version: 7.38.0
    cpe:2.3:a:haxx:curl:7.38.0
  • Haxx » Curl » Version: 7.39.0
    cpe:2.3:a:haxx:curl:7.39.0
  • Haxx » Curl » Version: 7.40.0
    cpe:2.3:a:haxx:curl:7.40.0
  • Haxx » Curl » Version: 7.41.0
    cpe:2.3:a:haxx:curl:7.41.0
  • Haxx » Curl » Version: 7.42.0
    cpe:2.3:a:haxx:curl:7.42.0
  • Haxx » Curl » Version: 7.42.1
    cpe:2.3:a:haxx:curl:7.42.1
  • Haxx » Curl » Version: 7.43.0
    cpe:2.3:a:haxx:curl:7.43.0
  • Haxx » Curl » Version: 7.44.0
    cpe:2.3:a:haxx:curl:7.44.0
  • Haxx » Curl » Version: 7.45.0
    cpe:2.3:a:haxx:curl:7.45.0
  • Haxx » Curl » Version: 7.46.0
    cpe:2.3:a:haxx:curl:7.46.0
  • Haxx » Curl » Version: 7.47.0
    cpe:2.3:a:haxx:curl:7.47.0
  • Haxx » Curl » Version: 7.47.1
    cpe:2.3:a:haxx:curl:7.47.1
  • Haxx » Curl » Version: 7.48.0
    cpe:2.3:a:haxx:curl:7.48.0
  • Haxx » Curl » Version: 7.49.0
    cpe:2.3:a:haxx:curl:7.49.0
  • Haxx » Curl » Version: 7.49.1
    cpe:2.3:a:haxx:curl:7.49.1
  • Haxx » Curl » Version: 7.50.0
    cpe:2.3:a:haxx:curl:7.50.0
  • Haxx » Curl » Version: 7.50.1
    cpe:2.3:a:haxx:curl:7.50.1
  • Haxx » Curl » Version: 7.50.2
    cpe:2.3:a:haxx:curl:7.50.2
  • Haxx » Curl » Version: 7.50.3
    cpe:2.3:a:haxx:curl:7.50.3
  • Haxx » Curl » Version: 7.51.0
    cpe:2.3:a:haxx:curl:7.51.0
  • Microsoft » Windows Embedded Compact » Version: N/A
    cpe:2.3:o:microsoft:windows_embedded_compact:-


Products
Pricing
Contact Us

Shodan ® - All rights reserved