CVE-2017-7407

low-risk

Published 2017-04-03

The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read.

Do I need to act?

0.28% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 2.4/10 Low

PHYSICAL / LOW complexity

Affected Products (1)

Curl

Affected Vendors

Haxx

References (8)

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

https://access.redhat.com/errata/RHSA-2018:3558

Patch https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13

https://security.gentoo.org/glsa/201709-14

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

https://access.redhat.com/errata/RHSA-2018:3558

Patch https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13

https://security.gentoo.org/glsa/201709-14

/ 100

low-risk

Severity 10/34 · Low

Exploitability 1/34 · Minimal

Exposure 5/34 · Minimal