CVE-2015-3143

cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.

Date published : 2015-04-24

http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

http://www.securityfocus.com/bid/74299