A critical buffer overflow vulnerability patched this week in the widely used open-source cURL library (libcurl) has the potential to expose a large number of applications and systems to remote code execution attacks. CURL is a cross-platform command line tool and library for transferring data using URL (uniform resource locator) syntax. It supports a wide range of protocols including HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, DICT, FILE, FTP, FTPS, Gopher, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, Telnet, and TFTP.