VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.00266	https://api.first.org/data/v1/epss?cve=CVE-2005-4077
epss	0.00266	https://api.first.org/data/v1/epss?cve=CVE-2005-4077
epss	0.00266	https://api.first.org/data/v1/epss?cve=CVE-2005-4077
epss	0.00266	https://api.first.org/data/v1/epss?cve=CVE-2005-4077
epss	0.00266	https://api.first.org/data/v1/epss?cve=CVE-2005-4077
epss	0.00266	https://api.first.org/data/v1/epss?cve=CVE-2005-4077
epss	0.00266	https://api.first.org/data/v1/epss?cve=CVE-2005-4077
epss	0.00266	https://api.first.org/data/v1/epss?cve=CVE-2005-4077
epss	0.00266	https://api.first.org/data/v1/epss?cve=CVE-2005-4077
epss	0.00266	https://api.first.org/data/v1/epss?cve=CVE-2005-4077
cvssv3.1	High	https://curl.se/docs/CVE-2005-4077.html
cvssv2	4.6	https://nvd.nist.gov/vuln/detail/CVE-2005-4077

System

Score

Found at

epss

0.00266

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

epss

0.00266

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

epss

0.00266

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

epss

0.00266

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

epss

0.00266

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

epss

0.00266

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

epss

0.00266

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

epss

0.00266

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

epss

0.00266

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

epss

0.00266

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

cvssv3.1

High

https://curl.se/docs/CVE-2005-4077.html

cvssv2

4.6

https://nvd.nist.gov/vuln/detail/CVE-2005-4077

Reference id

Reference type

URL

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.16/SCOSA-2006.16.txt

http://curl.haxx.se/docs/adv_20051207.html

http://docs.info.apple.com/article.html?artnum=307562

http://lists.apple.com/archives/security-announce/2006/May/msg00003.html

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

http://qa.openoffice.org/issues/show_bug.cgi?id=59032

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4077.json

https://api.first.org/data/v1/epss?cve=CVE-2005-4077

https://curl.se/docs/CVE-2005-4077.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077

http://secunia.com/advisories/17907

http://secunia.com/advisories/17960

http://secunia.com/advisories/17961

http://secunia.com/advisories/17965

http://secunia.com/advisories/17977

http://secunia.com/advisories/18105

http://secunia.com/advisories/18188

http://secunia.com/advisories/18336

http://secunia.com/advisories/19261

http://secunia.com/advisories/19433

http://secunia.com/advisories/19457

http://secunia.com/advisories/20077

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10855

http://www.debian.org/security/2005/dsa-919

http://www.gentoo.org/security/en/glsa/glsa-200512-09.xml

http://www.gentoo.org/security/en/glsa/glsa-200603-25.xml

http://www.hardened-php.net/advisory_242005.109.html

http://www.mandriva.com/security/advisories?name=MDKSA-2005:224

http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00020.html

http://www.redhat.com/support/errata/RHSA-2005-875.html

http://www.securityfocus.com/archive/1/418849/100/0/threaded

http://www.securityfocus.com/bid/15756

http://www.securityfocus.com/bid/17951

http://www.trustix.org/errata/2005/0072/

http://www.us-cert.gov/cas/techalerts/TA06-132A.html

http://www.vupen.com/english/advisories/2005/2791

http://www.vupen.com/english/advisories/2006/0960

http://www.vupen.com/english/advisories/2006/1779

http://www.vupen.com/english/advisories/2008/0924/references

1617850

https://bugzilla.redhat.com/show_bug.cgi?id=1617850

342339

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342339

cpe:2.3:a:daniel_stenberg:curl:7.11.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.11.2:*:*:*:*:*:*:*

cpe:2.3:a:daniel_stenberg:curl:7.12:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.12:*:*:*:*:*:*:*

cpe:2.3:a:daniel_stenberg:curl:7.12.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.12.1:*:*:*:*:*:*:*

cpe:2.3:a:daniel_stenberg:curl:7.12.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.12.2:*:*:*:*:*:*:*

cpe:2.3:a:daniel_stenberg:curl:7.12.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.12.3:*:*:*:*:*:*:*

cpe:2.3:a:daniel_stenberg:curl:7.13:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.13:*:*:*:*:*:*:*

cpe:2.3:a:daniel_stenberg:curl:7.13.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.13.1:*:*:*:*:*:*:*

cpe:2.3:a:daniel_stenberg:curl:7.13.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.13.2:*:*:*:*:*:*:*

cpe:2.3:a:daniel_stenberg:curl:7.14:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.14:*:*:*:*:*:*:*

cpe:2.3:a:daniel_stenberg:curl:7.14.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.14.1:*:*:*:*:*:*:*

cpe:2.3:a:daniel_stenberg:curl:7.15:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:daniel_stenberg:curl:7.15:*:*:*:*:*:*:*

CVE-2005-4077

https://nvd.nist.gov/vuln/detail/CVE-2005-4077

GLSA-200512-09

https://security.gentoo.org/glsa/200512-09

GLSA-200603-25

https://security.gentoo.org/glsa/200603-25

RHSA-2005:875

https://access.redhat.com/errata/RHSA-2005:875

USN-228-1

https://usn.ubuntu.com/228-1/

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:03:36.359860+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/200512-09	38.0.0

2026-04-01T13:03:36.359860+00:00

Gentoo Importer

Import

https://security.gentoo.org/glsa/200512-09

38.0.0

Vulnerability ID	VCID-9q2w-yxvk-pbhd
Aliases	CVE-2005-4077
Summary	cURL is vulnerable to local arbitrary code execution via buffer overflow due to the insecure parsing of URLs.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

CWE-189	Numeric Errors
CWE-122	Heap-based Buffer Overflow

Percentile	0.50051
EPSS Score	0.00266
Published At	April 1, 2026, 12:55 p.m.