Unrated severityNVD Advisory· Published Jun 22, 2015· Updated May 6, 2026
CVE-2015-3237
CVE-2015-3237
Description
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
Affected products
14- cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*Range: <=7.5.3.1
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlnvdPatchThird Party Advisory
- curl.haxx.se/docs/adv_20150617B.htmlnvdVendor Advisory
- www.securityfocus.com/bid/91787nvdThird Party AdvisoryVDB Entry
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.htmlnvd
- www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.htmlnvd
- www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlnvd
- www.securityfocus.com/bid/75387nvd
- www.securitytracker.com/id/1036371nvd
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvd
- security.gentoo.org/glsa/201509-02nvd
News mentions
0No linked articles in our index yet.