YTNEF Project YTNEF 1.9.3

CPE Details

YTNEF Project YTNEF 1.9.3
1.9.3
2019-10-17
15h27 +00:00
2019-10-17
15h27 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ytnef_project:ytnef:1.9.3:*:*:*:*:*:*:*

Informations

Vendor

ytnef_project

Product

ytnef

Version

1.9.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2009-3721 2021-05-26 19h06 +00:00 Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.
7.8
High
CVE-2021-3404 2021-03-04 20h10 +00:00 In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.
7.8
High
CVE-2021-3403 2021-03-04 20h10 +00:00 In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.
7.8
High
CVE-2009-3887 2019-10-29 11h37 +00:00 ytnef has directory traversal
9.8
Critical