CVE-2012-0036
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2012-0036
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
cURL/libcURL SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
cURL是命令行传输文件工具,支持FTP、FTPS、HTTP、HTTPS、GOPHER、TELNET、DICT、FILE和LDAP。 cURL/libcURL 7.20.0至7.23.1版本中存在输入验证漏洞,攻击者可利用该漏洞向基于libcURL的应用程序中注入任意数据。该漏洞影响下列协议:IMAP、POP3和 SMTP。攻击成功将允许攻击者执行未授权操作,例如欺骗POP3客户端删除信息,或SMTP服务器发送意外信息,也可能执行其它攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2012-0036
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2012-0036
Please Login to view more intelligence information
- http://support.apple.com/kb/HT5281x_refsource_CONFIRM
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlx_refsource_CONFIRM
- http://curl.haxx.se/docs/adv_20120124.htmlx_refsource_CONFIRM
- http://curl.haxx.se/curl-url-sanitize.patchx_refsource_CONFIRM
- https://bugzilla.redhat.com/show_bug.cgi?id=773457x_refsource_CONFIRM
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041vendor-advisoryx_refsource_HP
- http://lists.apple.com/archives/security-announce/2012/May/msg00001.htmlvendor-advisoryx_refsource_APPLE
- https://nvd.nist.gov/vuln/detail/CVE-2012-0036
Same Patch Batch · n/a · 2012-04-13 · 15 CVEs total
| CVE-2010-4666 | libarchive 缓冲区溢出漏洞 | |
| CVE-2011-1777 | Red Hat libarchive缓冲区溢出漏洞 | |
| CVE-2011-1778 | Red Hat libarchive缓冲区溢出漏洞 | |
| CVE-2011-1779 | libarchive 资源管理错误漏洞 | |
| CVE-2012-1805 | Koyo多个产品‘ECOM Etherne’模块缓冲区溢出漏洞 | |
| CVE-2012-1806 | Koyo多个产品‘ECOM Ethernet’模块授权问题漏洞 | |
| CVE-2012-1807 | Koyo 多个产品‘ECOM100 Ethernet ’模块跨跨脚本漏洞 | |
| CVE-2012-1808 | Koyo多个产品‘ECOM Ethernet’模块授权问题漏洞 | |
| CVE-2012-1809 | Koyo多个产品‘ECOM Ethernet’模块资源管理错误漏洞 | |
| CVE-2011-4874 | MICROSYS PROMOTIC 资源管理错误漏洞 | |
| CVE-2011-4880 | atvise webMI2ADS多个安全漏洞 | |
| CVE-2011-4881 | Certec atvise webMI2ADS多个安全漏洞 | |
| CVE-2011-4882 | Certec atvise webMI2ADS多个安全漏洞 | |
| CVE-2011-4883 | Certec atvise webMI2ADS多个安全漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2012-0036
No comments yet