In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.
[
{
"product": "ytnef",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
]