NTLM Authentication Buffer Overflow
Project curl Security Advisory, February 21st 2005 - Permalink
Due to bad usage of the base64 decode function to a stack-based buffer without checking the data length, it was possible for a malicious HTTP server to overflow the client during NTLM negotiation. The announcement of this flaw was done without contacting us.
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2005-0490 to this issue.