Buffer overflow in readsmtpresponse of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to (1) execute arbitrary code via a certain response or (2) cause a denial of service via long server responses.
{ "urgency": "not yet assigned" }