Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tnef project tnef vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-8911
An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.
Tnef Project Tnef 1.4.14
7.8
CVSSv3
CVE-2017-6307
An issue exists in tnef prior to 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6308
An issue exists in tnef prior to 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation.
Tnef Project Tnef
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6309
An issue exists in tnef prior to 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6310
An issue exists in tnef prior to 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2019-18849
In tnef prior to 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup.
Tnef Project Tnef
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6300
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-6302
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-6298
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2017-6299
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »