Back to directory
WRITEUP #1559

cURL audit: How a joke led to significant findings

OtherMemory corruption
byMaciej Domanski
Program
Internet Bug Bounty (curl)
Published
Feb 14, 2023
Added to HackDex
Feb 16, 2023
Read Full Writeuphttps://blog.trailofbits.com/2023/02/14/curl-audit-fuzzing-libcurl-command-line-interface/
RELATED WRITEUPS
Ghost In The Ppl Part 1: Byovdll
OtherUse-After-Free
Part 2: From Byovdll To Arbitrary Code Execution In Lsass
OtherUse-After-Free
Ghost in the PPL Part 3: LSASS Memory Dump
OtherUse-After-Free
CVE-2024-37079:
OtherInteger underflow
Vulnerabilities in NodeJS C/C++ add-on extensions
OtherMemory corruption

Built with ❤️ by Shubham Rawat