{
  "schema_version": "1.5.0",
  "id": "CURL-CVE-2000-0973",
  "aliases": [
    "CVE-2000-0973"
  ],
  "summary": "FTP Server Response Buffer Overflow",
  "modified": "2026-04-25T17:48:46.00Z",
  "database_specific": {
    "package": "curl",
    "affects": "both",
    "URL": "https://curl.se/docs/CVE-2000-0973.json",
    "www": "https://curl.se/docs/CVE-2000-0973.html",
    "CWE": {
      "id": "CWE-121",
      "desc": "Stack-based Buffer Overflow"
    },
    "last_affected": "7.4",
    "severity": "Critical"
  },
  "published": "2000-10-13T08:00:00.00Z",
  "affected": [
    {
      "ranges": [
        {
           "type": "SEMVER",
           "events": [
             {"introduced": "6.0"},
             {"fixed": "7.4.1"}
           ]
        },
        {
           "type": "GIT",
           "repo": "https://github.com/curl/curl.git",
           "events": [
             {"introduced": "ae1912cb0d494b48d514d937826c9fe83ec96c4d"},
             {"fixed": "751d503f54596d6d86f969683fec2fe296d9d1f0"}
           ]
        }
      ],
      "versions": [
        "7.4", "7.3", "7.2.1", "7.2", "7.1.1", "7.1", "6.5.2", 
        "6.5.1", "6.5", "6.4", "6.3.1", "6.3", "6.2", "6.1", 
        "6.0"
      ]
    }
  ],
  "credits": [
    {
      "name": "zillion",
      "type": "FINDER"
    }
  ],
  "details": "When storing an FTP server's error message on failure, there was no check for\ninput length and thus a malicious FTP server could overflow curl's stack based\nbuffer."
}