VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Mar 8, 2013· Updated Apr 29, 2026

CVE-2013-1762

CVE-2013-1762

Description

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.

Affected products

34
  • Stunnel/Stunnel34 versions
    cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*+ 33 more
    • cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*range: <=4.54
    • cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.24:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.27:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.28:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.29:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.30:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.31:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.32:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.33:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.34:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.35:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.36:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.37:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.38:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.39:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.40:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.41:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.42:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.43:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.44:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.45:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.46:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.47:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.48:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.49:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.50:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.51:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.52:*:*:*:*:*:*:*
    • cpe:2.3:a:stunnel:stunnel:4.53:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.