libESMTP up to and including 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libesmtp project libesmtp |