The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-04-03T20:00:00
Updated: 2024-08-05T16:04:11.297Z
Reserved: 2017-04-03T00:00:00
Link: CVE-2017-7407
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-04-03T20:59:00.247
Modified: 2024-11-21T03:31:50.077
Link: CVE-2017-7407
Redhat