CVE-2006-1061

EPSS 3.8%

Published: 3/21/2006Modified: 4/28/2026

Description

Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path.

Affected packages (1)

Debian/curlfrom 0, < 7.15.3-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-1061