20 matches found
EUVD-2022-1484
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-26336
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files...
Security Bulletin: A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception, which affects IBM watsonx.data
Summary A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application...
poi-scratchpad: A carefully crafted TNEF file can cause an out of memory exception
A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...
CVE-2022-26336
A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...
GHSA-MQVP-7RRG-9JXC Improper Input Validation and Allocation of Resources Without Limits or Throttling in poi-scratchpad
A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...
Improper Input Validation and Allocation of Resources Without Limits or Throttling in poi-scratchpad
A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...
CVE-2022-26336
A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...
CVE-2022-26336
A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...
CVE-2022-26336
A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...
CVE-2022-26336
A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...
CVE-2022-26336 A carefully crafted TNEF file can cause an out of memory exception
A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...
CVE-2022-26336
CVE-2022-26336 affects the poi-scratchpad HMEF package in Apache POI used to read TNEF files. The issue can trigger an Out of Memory exception when parsing untrusted TNEF inputs, impacting poi-scratchpad versions up to 5.2.0. The publicly recommended remediation is to upgrade to poi-scratchpad 5....
ytnef 资源管理错误漏洞
ytnef is a program that collaborates with procmail to decode TNEF streams. A double release vulnerability exists in the TNEFSubjectHandler function in lib/ytnef.c in ytnef 1.9.3. A remote attacker can exploit this vulnerability via specially crafted files to cause a denial of service and possibly...
ytnef buffer overflow vulnerability (CNVD-2017-07744)
ytnef is an application library for extracting data from winmail.dat files. A buffer overflow vulnerability exists in the 'TNEFFillMapi' function in the lib/ytnef.c file of libytnef in ytnef 1.9.2 and earlier versions. A remote attacker can exploit this vulnerability to cause a denial of service...
Symantec Protection for SharePoint Servers 6.0.3 to 6.0.5 < HF1.5 / 6.0.6 < HF1.6 Multiple Vulnerabilities (SYM16-010)
The version of Symantec Protection for SharePoint Servers installed on the remote host is 6.0.3 to 6.0.5 prior to HF1.5 or 6.0.6 prior to HF1.6. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the Unpack::ShortLZ function within file unpack15.cpp due t...
The vulnerability of Symantec’s antivirus protection tools allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of Symantec’s Decomposer antivirus protection system stems from a numerical overflow or buffer overflow. Exploiting this vulnerability allows an attacker to cause a service failure memory corruption or execute arbitrary code using specially crafted TNEF format files...
Symantec Mail Security for Exchange / Domino Decomposer Engine Multiple Vulnerabilities (SYM16-010)
The version of Symantec Mail Security for Exchange or Domino installed on the remote Windows host is affected by multiple vulnerabilities in the decomposer engine : - An array indexing error exists in the UnRAR component in the Unpack::ShortLZ function in unpack15.cpp that is triggered when...
MGASA-2014-0531 Updated claws-mail packages fix security vulnerability
Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service crash via a crafted TNEF file, which triggers a buffer overflow CVE-2010-5109. The claws-mail package contains an embedded copf of libytnef, which has been...
FreeBSD : clamav -- multiple remote buffer overflows (1db7ecf5-fd24-11d9-b4d6-0007e900f87b)
An Secunia Advisory reports : Neel Mehta and Alex Wheeler have reported some vulnerabilities in Clam AntiVirus, which can be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. - Two integer overflow errors in 'libclamav/tnef.c' when processing TNEF...