Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tnef project tnef vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2017-8911
An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.
Tnef Project Tnef 1.4.14
605
VMScore
CVE-2017-6307
An issue exists in tnef prior to 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
605
VMScore
CVE-2017-6308
An issue exists in tnef prior to 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation.
Tnef Project Tnef
Debian Debian Linux 8.0
605
VMScore
CVE-2017-6309
An issue exists in tnef prior to 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
605
VMScore
CVE-2017-6310
An issue exists in tnef prior to 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
383
VMScore
CVE-2019-18849
In tnef prior to 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup.
Tnef Project Tnef
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
605
VMScore
CVE-2017-6300
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
605
VMScore
CVE-2017-6302
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
445
VMScore
CVE-2017-6801
An issue exists in ytnef prior to 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
445
VMScore
CVE-2017-6802
An issue exists in ytnef prior to 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »