{ "schema_version": "1.4.0", "id": "GHSA-mj69-wpmp-9c9f", "modified": "2025-04-11T04:08:11Z", "published": "2022-05-05T02:48:41Z", "aliases": [ "CVE-2013-0249" ], "details": "Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0249" }, { "type": "WEB", "url": "http://blog.volema.com/curl-rce.html" }, { "type": "WEB", "url": "http://curl.haxx.se/docs/adv_20130206.html" }, { "type": "WEB", "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" }, { "type": "WEB", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099140.html" }, { "type": "WEB", "url": "http://nakedsecurity.sophos.com/2013/02/10/anatomy-of-a-vulnerability-curl-web-download-toolkit-holed-by-authentication-bug" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/120147/cURL-Buffer-Overflow.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/120170/Slackware-Security-Advisory-curl-Updates.html" }, { "type": "WEB", "url": "http://www.exploit-db.com/exploits/24487" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "type": "WEB", "url": "http://www.osvdb.org/89988" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/57842" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1028093" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1721-1" } ], "database_specific": { "cwe_ids": [ "CWE-119" ], "severity": "HIGH", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2013-03-08T22:55:00Z" } }