[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

libsoup: heap-based over-read in soup_ntlm_parse_challenge() in soup-auth-ntlm.c (CVE-2019-17266)

ID: oval:org.secpod.oval:def:1801628Date: (C)2019-11-27   (M)2023-11-10
Class: PATCHFamily: unix




libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge in soup-auth-ntlm.c does not properly check an NTLM message"s length before proceeding with a memcpy.

Platform:
Alpine Linux 3.10
Product:
libsoup
Reference:
10991
CVE-2019-17266
CVE    1
CVE-2019-17266
CPE    2
cpe:/a:libsoup:libsoup
cpe:/o:alpinelinux:alpine_linux:3.10

© SecPod Technologies