CVE-2021-3403

CVE-2021-3403 affects ytnef 1.9.3: the TNEFSubjectHandler in lib/ytnef.c can trigger a double free via a crafted file, leading to denial of service and potentially code execution. Multiple connected sources document the same flaw and note unpatched/affected systems; Gentoo GLSA 202405-24 recommen...

Heap overflow

In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...

CVE-2017-9471

The CVE-2017-9471 issue affects ytnef 1.9.2 where the SwapWord function in lib/ytnef.c can be exploited by a crafted file to trigger a heap-based buffer over-read, leading to application crash (DoS). Descriptions across connected sources confirm the vulnerability in libytnef and its impact as a d...

CVE-2017-9473

In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service memory consumption via a crafted file...

UBUNTU-CVE-2017-9058

In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c...