Ubuntu: Security Advisory (USN-4615-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4615-1: Yerase's TNEF vulnerabilities

It was discovered that Yerase's TNEF had null pointer dereferences, infinite loop, buffer overflow, out of bounds reads, directory traversal issues and other vulnerabilities. An attacker could use those issues to cause a crash and consequently a denial of service. CVE-2017-6298, CVE-2017-6299,...

Debian: Security Advisory (DLA-878-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-878-1 : libytnef security update

CVE-2017-6298 NULL pointer Deref / calloc return value not checked CVE-2017-6299 Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c CVE-2017-6300 Buffer Overflow in version field in lib/tnef-types.h CVE-2017-6301 Out of Bounds Reads CVE-2017-6302 Integer Overflow CVE-2017-6303 Invali...

CVE-2017-6802

CVE-2017-6802 applies to libytnef/ytnef (affecting ytnef prior to 1.9.2 and addressed in later releases). The issue is described as a heap-based over-read related to RTF stream decompression (DecompressRTF()) in libytnef, with related vulnerabilities in the same libytnef set (CVE-2017-6298..6306,...

UBUNTU-CVE-2017-6802

An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF in libytnef...