FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cURL -- buffer overflow

Affected packages
7.1 <= curl < 7.52


VuXML ID 42880202-c81c-11e6-a9a5-b499baebfeaf
Discovery 2016-12-21
Entry 2016-12-22

The cURL project reports:

printf floating point buffer overflow

libcurl's implementation of the printf() functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion outputs more than 255 bytes.


CVE Name CVE-2016-9586