7 matches found
Ubuntu: Security Advisory (USN-4615-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4615-1: Yerase's TNEF vulnerabilities
It was discovered that Yerase's TNEF had null pointer dereferences, infinite loop, buffer overflow, out of bounds reads, directory traversal issues and other vulnerabilities. An attacker could use those issues to cause a crash and consequently a denial of service. CVE-2017-6298, CVE-2017-6299,...
Debian: Security Advisory (DLA-878-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3288-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 3846-1] libytnef security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3846-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 09, 2017 https://www.debian.org/security/faq -...
Debian DLA-878-1 : libytnef security update
CVE-2017-6298 NULL pointer Deref / calloc return value not checked CVE-2017-6299 Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c CVE-2017-6300 Buffer Overflow in version field in lib/tnef-types.h CVE-2017-6301 Out of Bounds Reads CVE-2017-6302 Integer Overflow CVE-2017-6303 Invali...
CVE-2017-6298
CVE-2017-6298 affects ytnef/libytnef up to version 1.9.1, with multiple related issues including NULL pointer dereferences and heap/write errors in decoding winmail.dat attachments. Public docs show a core vulnerability pattern: NULL pointer dereference, out-of-bounds/heap-buffer issues from inco...