Linux Distros Unpatched Vulnerability : CVE-2017-9474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service heap-based buffer over-read and application crash...

Fedora 30 : 1:ytnef (2019-7d7083b8be)

ytnef 1.9.3 release, fixing a number of security issues : - CVE-2017-9470 - CVE-2017-9471 - CVE-2017-9474 - CVE-2017-9058 - CVE-2017-12142 - CVE-2017-12141 - CVE-2017-12144 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

CVE-2017-9474

In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...

CVE-2017-9474

CVE-2017-9474 affects ytnef 1.9.2: the DecompressRTF function in lib/ytnef.c can be used by a crafted file to cause a denial of service via a heap-based buffer over-read, crashing the application. The vulnerability is confirmed in public CVE records and CNVD/OSV-style entries cite the same issue....