CURL-CVE-2019-5443
- Source
- https://curl.se/docs/CVE-2019-5443.html
- Import Source
- https://curl.se/docs/CURL-CVE-2019-5443.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CURL-CVE-2019-5443
- Aliases
- Published
- 2019-06-24T08:00:00Z
- Modified
- 2025-01-07T11:34:40Z
- Summary
- Windows OpenSSL engine code injection
- Details
-
A non-privileged user or program can put code and a config file in a known non-privileged path (under
C:/usr/local/) that makes curl automatically run the code (as an OpenSSL "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants.This flaw exists in the official curl-for-windows binaries built and hosted by the curl project (all versions up to and including 7.65.1_1). It does not exist in the curl executable shipped by Microsoft, bundled with Windows 10. It possibly exists in other curl builds for Windows too that uses OpenSSL.
The curl project has provided official curl executable builds for Windows since late August 2018.
There exists proof of concept exploits of this flaw.
- Database specific
{ "package": "curl", "issue": "https://hackerone.com/reports/608577", "last_affected": "7.65.1", "award": { "currency": "USD", "amount": "200" }, "CWE": { "desc": "Improper Control of Generation of Code ('Code Injection')", "id": "CWE-94" }, "www": "https://curl.se/docs/CVE-2019-5443.html", "affects": "both", "URL": "https://curl.se/docs/CVE-2019-5443.json", "severity": "High" }- References
-
- Credits
-
-
- Rich Mirch - FINDER
-
- Viktor Szakats - REMEDIATION_DEVELOPER
-