Vulnerabilities > Stafford Uklinux > Libesmtp > 1.0.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-31 | CVE-2010-1194 | Cryptographic Issues vulnerability in Stafford.Uklinux Libesmtp The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName. | 6.8 |