PT-2016-7527 · Curl+3
Andrej Nemec
Published 2016-11-02 · Updated 2026-05-18
CVE-2016-8621
CVSS v3.1: 7.5 (High)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
curl versions prior to 7.51.0
Description
The curl_getdate function is vulnerable to an out of bounds read if it receives an input that is one digit short. This function converts a given date string into a numerical timestamp and supports various formats. It is also used internally when parsing HTTP cookies and conditional HTTP requests. The date parser uses the libc sscanf() function to parse time fields in HH:MM or HH:MM:SS format. If the final digit of the input string is cut off, the date parser advances its read pointer one byte too far, resulting in an out of bounds read.
Recommendations
For versions prior to 7.51.0, update to version 7.51.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the curl_getdate function until a patch is available. Avoid using the curl_getdate function with input strings that may have the final digit cut off.
Fix
Buffer Over-read
Out of bounds Read
Related identifiers
Affected products
Alt Linux
Suse
Ubuntu
Curl