Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2013-1762

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.

  • Published: Mar 8, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-1762
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.6
  • AV:N/AC:H/Au:N/C:P/I:P/A:C

CWEs: