2
Candidate: CVE-2005-4077
4
https://usn.ubuntu.com/usn/usn-228-1
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077
7
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through
8
7.15.0 allow local users to trigger a buffer overflow and cause a denial of
9
service or bypass PHP security restrictions via certain URLs that (1) are
10
malformed in a way that prevents a terminating null byte from being added
11
to either a hostname or path buffer, or (2) contain a "?" separator in the
12
hostname portion, which causes a "/" to be prepended to the resulting
17
dapper_curl: released (7.15.1-1ubuntu2.1)
18
edgy_curl: released (7.15.4-1ubuntu2.2)
19
feisty_curl: released (7.15.5-1ubuntu2.1)
20
devel_curl: released (7.16.4-2ubuntu1)