CVE-2019-19977 — Out-of-bounds Read in Project Libesmtp

CWE-125 — Out-of-bounds Read8 documents7 sources

Severity

9.8CRITICALNVD

EPSS

0.6%

top 29.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libesmtp Project Libesmtp Debian Libesmtp Msrc Azl3 Libesmtp 1.0.6-21 ON Azure Linux 3.0 +5 more

Timeline

PublishedDec 26

Latest updateMay 24

Description

libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages8 packages

▶NVDlibesmtp_project/libesmtp1.0.6

▶debiandebian/libesmtp

▶msrcmsrc/azl3_libesmtp_1.0.6-21_on_azure_linux_3.0

▶msrcmsrc/cbl2_libesmtp_1.0.6-21_on_cbl_mariner_2.0

▶msrcmsrc/azure_linux_3.0_arm

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-cxg8-9wrx-2mhp: libESMTP through 1↗2022-05-24

▶

OSV

CVE-2019-19977: libESMTP through 1↗2019-12-26

▶

📋Vendor Advisories

Red Hat

libesmtp: Stack-based buffer over-read in ntlm_build_type_2() in ntlm/ntlmstruct.c↗2019-12-26

▶

Microsoft

libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c as demonstrated by a stack-based buffer over-read.↗2019-12-10

▶

Debian

CVE-2019-19977: libesmtp - libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntl...↗2019

▶

💬Community

Bugzilla

CVE-2019-19977 libesmtp: Stack-based buffer over-read in ntlm_build_type_2() in ntlm/ntlmstruct.c↗2020-01-08

▶

Bugzilla

CVE-2019-19977 libesmtp: Stack-based buffer over-read in ntlm_build_type_2() in ntlm/ntlmstruct.c [fedora-all]↗2020-01-08

▶