Summary	RTF message buffer overflow
Date	2004-08-26
CVE Number	CVE-2004-0785
Discovered By	Sean (infamous42md)
Fixed In Release	0.82

Description

Buffer overflow. There are some loops that read into fixed-sized buffers and do not check to make sure they are not writing too much.

Mitigation

Added bounds checking to the two loops.

Previous
Content-length DOS (malloc error)

Next
Local hostname resolution buffer overflow