Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2016-9953

The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2016-9953
  • Haxx » Curl » Version: 7.30.0
    cpe:2.3:a:haxx:curl:7.30.0
  • Haxx » Curl » Version: 7.31.0
    cpe:2.3:a:haxx:curl:7.31.0
  • Haxx » Curl » Version: 7.32.0
    cpe:2.3:a:haxx:curl:7.32.0
  • Haxx » Curl » Version: 7.33.0
    cpe:2.3:a:haxx:curl:7.33.0
  • Haxx » Curl » Version: 7.34.0
    cpe:2.3:a:haxx:curl:7.34.0
  • Haxx » Curl » Version: 7.35.0
    cpe:2.3:a:haxx:curl:7.35.0
  • Haxx » Curl » Version: 7.36.0
    cpe:2.3:a:haxx:curl:7.36.0
  • Haxx » Curl » Version: 7.37.0
    cpe:2.3:a:haxx:curl:7.37.0
  • Haxx » Curl » Version: 7.37.1
    cpe:2.3:a:haxx:curl:7.37.1
  • Haxx » Curl » Version: 7.38.0
    cpe:2.3:a:haxx:curl:7.38.0
  • Haxx » Curl » Version: 7.39.0
    cpe:2.3:a:haxx:curl:7.39.0
  • Haxx » Curl » Version: 7.40.0
    cpe:2.3:a:haxx:curl:7.40.0
  • Haxx » Curl » Version: 7.41.0
    cpe:2.3:a:haxx:curl:7.41.0
  • Haxx » Curl » Version: 7.42.0
    cpe:2.3:a:haxx:curl:7.42.0
  • Haxx » Curl » Version: 7.42.1
    cpe:2.3:a:haxx:curl:7.42.1
  • Haxx » Curl » Version: 7.43.0
    cpe:2.3:a:haxx:curl:7.43.0
  • Haxx » Curl » Version: 7.44.0
    cpe:2.3:a:haxx:curl:7.44.0
  • Haxx » Curl » Version: 7.45.0
    cpe:2.3:a:haxx:curl:7.45.0
  • Haxx » Curl » Version: 7.46.0
    cpe:2.3:a:haxx:curl:7.46.0
  • Haxx » Curl » Version: 7.47.0
    cpe:2.3:a:haxx:curl:7.47.0
  • Haxx » Curl » Version: 7.47.1
    cpe:2.3:a:haxx:curl:7.47.1
  • Haxx » Curl » Version: 7.48.0
    cpe:2.3:a:haxx:curl:7.48.0
  • Haxx » Curl » Version: 7.49.0
    cpe:2.3:a:haxx:curl:7.49.0
  • Haxx » Curl » Version: 7.49.1
    cpe:2.3:a:haxx:curl:7.49.1
  • Haxx » Curl » Version: 7.50.0
    cpe:2.3:a:haxx:curl:7.50.0
  • Haxx » Curl » Version: 7.50.1
    cpe:2.3:a:haxx:curl:7.50.1
  • Haxx » Curl » Version: 7.50.2
    cpe:2.3:a:haxx:curl:7.50.2
  • Haxx » Curl » Version: 7.50.3
    cpe:2.3:a:haxx:curl:7.50.3
  • Haxx » Curl » Version: 7.51.0
    cpe:2.3:a:haxx:curl:7.51.0
  • Microsoft » Windows Embedded Compact » Version: N/A
    cpe:2.3:o:microsoft:windows_embedded_compact:-


Products
Pricing
Contact Us

Shodan ® - All rights reserved