CVE-2013-2174 (retired)

Priority
Description
Heap-based buffer overflow in the curl_easy_unescape function in
lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers
to cause a denial of service (application crash) or possibly execute
arbitrary code via a crafted string ending in a "%" (percent) character.
Assigned-to
mdeslaur
More Information

Updated: 2019-09-19 15:44:29 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)