A flaw in libcurl allows an attacker to insert cookies into a running program if specific conditions are met. The API creates "easy handles" for single transfers, which can be duplicated using a function called curl_easy_duphandle. This can lead to cookies being loaded from a file named none, if the correct file format is used.
Products not listed in the Products Potentially Affected section have not been evaluated. Furthermore, products that have exceeded any software maintenance time periods are also not evaluated and will not be published. Please consult End of Sale and End of Service Life - Extreme Networks for the EOL notices related to the product under question.