Product:

Ytnef

(Ytnef_project)
Repositories https://github.com/Yeraze/ytnef
#Vulnerabilities 26
Date Id Summary Products Score Patch Annotated
2017-06-07 CVE-2017-9472 In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. Ytnef 5.5
2017-06-07 CVE-2017-9473 In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file. Ubuntu_linux, Ytnef 5.5
2017-06-07 CVE-2017-9474 In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. Ytnef 5.5
2017-08-02 CVE-2017-12141 In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. Ytnef 5.5
2017-08-02 CVE-2017-12142 In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file. Ytnef 5.5
2017-08-02 CVE-2017-12144 In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. Ytnef 5.5
2021-03-04 CVE-2021-3404 In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file. Fedora, Enterprise_linux, Ytnef 7.8
2021-03-04 CVE-2021-3403 In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file. Fedora, Enterprise_linux, Ytnef 7.8
2021-05-26 CVE-2009-3721 Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments. Evolution, Ytnef 7.8
2019-10-29 CVE-2009-3887 ytnef has directory traversal Ytnef N/A