CVE-2019-3823

libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to smtp_endofresp() isn't NUL terminated and contains no character ending the parsed number, and len is set to 5, then the strtol() call reads beyond the allocated buffer. The read contents will not be returned to the caller.

Published: Feb 6, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-3823
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
haxx / libcurl	7.34.0	7.64.0
canonical / ubuntu_linux	16.04	16.04.x
canonical / ubuntu_linux	14.04	14.04.x
canonical / ubuntu_linux	18.04	18.04.x
canonical / ubuntu_linux	18.10	18.10.x
debian / debian_linux	9.0	9.0.x
netapp / clustered_data_ontap	-	-
oracle / http_server	12.2.1.3.0	12.2.1.3.0.x
oracle / secure_global_desktop	5.4	5.4.x
oracle / communications_operations_monitor	3.4	3.4.x
oracle / communications_operations_monitor	4.0	4.0.x

Vulnerability Database

289,599

CVE-2019-3823