Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

cURL/libcURL Remote Input Validation



The cURL program is a library and command-line tool for transferring data using various protocols, including HTTP, FTP, and LDAP. A vulnerable version of cURL was detected from the host.


An input validation vulnerability occurs when the application fails to properly sanitize a user-supplied fileptah part of an URL before passing it to the protocol-specific code. A remote attacker could exploit this issue to execute arbitrary code in the context of the affected application. (CVE-2012-0036)

Affected versions include versions 7.20.0 through 7.23.1.


Upgrade the affected packages; the next version of cURL that fixes the issue is cURL 7.24.0.