email@example.com reported a vulnerability in libcurl, the HTTP/FTP retrieval library. This library is used by lots of programs, including
The NTLM authorization in curl had a buffer overflow in the base64 decoding
which allows a remote attacker using a prepared remote server to execute code
for the user using curl.
The Kerberos authorization has a similar bug, but is not compiled in on SUSE