CVE-2016-0754

Publication date 29 January 2016

Last updated 25 August 2025

Ubuntu priority

Negligible

Why this priority?

Cvss 3 Severity Score

5.3 · Medium

Score breakdown

Description

cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.

Read the notes from the security team

Status

Package Ubuntu Release Status
curl 15.10 wily
Not affected
15.04 vivid
Not affected
14.04 LTS trusty
Not affected
12.04 LTS precise
Not affected

Notes

seth-arnold

Windows only (anywhere : has special meaning in filenames)

Severity score breakdown

CVSS version: CVSS v3.0

Base score 5.3 · Medium

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References

Other references

Access our resources on patching vulnerabilities