Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tnef project tnef vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-8911
An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.
Tnef Project Tnef 1.4.14
7.8
CVSSv3
CVE-2017-6307
An issue exists in tnef prior to 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6308
An issue exists in tnef prior to 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation.
Tnef Project Tnef
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6309
An issue exists in tnef prior to 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6310
An issue exists in tnef prior to 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2019-18849
In tnef prior to 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup.
Tnef Project Tnef
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6300
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-6302
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-6801
An issue exists in ytnef prior to 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-6802
An issue exists in ytnef prior to 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »