YTNEF Project YTNEF 1.7

CPE Details

YTNEF Project YTNEF 1.7
ytnef_project
ytnef
1.7
2019-10-17
15h27 +00:00
2019-10-17
15h27 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ytnef_project:ytnef:1.7:*:*:*:*:*:*:*

Informations

Vendor

ytnef_project

Product

ytnef

Version

1.7

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2009-3721 2021-05-26 19h06 +00:00 Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.
7.8
High
CVE-2009-3887 2019-10-29 11h37 +00:00 ytnef has directory traversal
9.8
Critical
CVE-2017-9146 2017-05-22 16h00 +00:00 The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file.
8.8
High
CVE-2017-9058 2017-05-18 04h13 +00:00 In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
9.8
Critical
CVE-2017-6800 2017-03-10 09h29 +00:00 An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.
7.5
High
CVE-2017-6801 2017-03-10 09h29 +00:00 An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
7.5
High
CVE-2017-6802 2017-03-10 09h29 +00:00 An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
7.5
High
CVE-2017-6298 2017-02-24 03h23 +00:00 An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."
7.8
High
CVE-2017-6299 2017-02-24 03h23 +00:00 An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."
5.5
Medium
CVE-2017-6300 2017-02-24 03h23 +00:00 An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."
7.8
High
CVE-2017-6301 2017-02-24 03h23 +00:00 An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads."
7.8
High
CVE-2017-6302 2017-02-24 03h23 +00:00 An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."
7.8
High
CVE-2017-6303 2017-02-24 03h23 +00:00 An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow."
7.8
High
CVE-2017-6304 2017-02-24 03h23 +00:00 An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read."
7.8
High
CVE-2017-6305 2017-02-24 03h23 +00:00 An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."
7.8
High
CVE-2017-6306 2017-02-24 03h23 +00:00 An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c."
7.8
High