Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

tnef project tnef vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2017-8911
An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.
Tnef Project Tnef 1.4.14
7.8
CVSSv3
CVE-2017-6307
An issue exists in tnef prior to 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project TnefDebian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6308
An issue exists in tnef prior to 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation.
Tnef Project TnefDebian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6309
An issue exists in tnef prior to 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project TnefDebian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6310
An issue exists in tnef prior to 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project TnefDebian Debian Linux 8.0
5.5
CVSSv3
CVE-2019-18849
In tnef prior to 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup.
Tnef Project TnefFedoraproject Fedora 30Fedoraproject Fedora 31Canonical Ubuntu Linux 16.04Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6300
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."
Ytnef Project YtnefDebian Debian Linux 8.0Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-6302
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."
Ytnef Project YtnefDebian Debian Linux 8.0Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-6801
An issue exists in ytnef prior to 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
Ytnef Project YtnefDebian Debian Linux 8.0Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-6802
An issue exists in ytnef prior to 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
Ytnef Project YtnefDebian Debian Linux 8.0Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTICVE-2024-35863CVE-2024-35910man-in-the-middleCVE-2024-35912CVE-2024-25742LFICVE-2024-32002CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook