Ytnef@* Security Vulnerabilities and Issues — Ytnef@* CVE List

Lucene search

Ytnef ProjectYtnef*

14 matches found

CVE•added 2017/02/24 4:59 a.m.•154 views

CVE-2017-6301

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads."

7.8CVSS7.3AI score0.00255EPSS

CVE•added 2017/02/24 4:59 a.m.•74 views

CVE-2017-6298

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."

7.8CVSS7.3AI score0.00326EPSS

CVE•added 2017/02/24 4:59 a.m.•74 views

CVE-2017-6300

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."

7.8CVSS7.4AI score0.00247EPSS

CVE•added 2017/02/24 4:59 a.m.•73 views

CVE-2017-6303

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow."

7.8CVSS7.4AI score0.00234EPSS

CVE•added 2017/03/10 10:59 a.m.•72 views

CVE-2017-6801

An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.

7.5CVSS7.3AI score0.00505EPSS

CVE•added 2017/02/24 4:59 a.m.•71 views

CVE-2017-6305

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."

7.8CVSS7.3AI score0.00234EPSS

CVE•added 2017/03/10 10:59 a.m.•67 views

CVE-2017-6802

An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.

7.5CVSS7.4AI score0.00797EPSS

CVE•added 2017/03/10 10:59 a.m.•66 views

CVE-2017-6800

An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.

7.5CVSS7.4AI score0.00538EPSS

CVE•added 2017/02/24 4:59 a.m.•65 views

CVE-2017-6299

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."

5.5CVSS6AI score0.00213EPSS

CVE•added 2017/02/24 4:59 a.m.•64 views

CVE-2017-6304

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read."

7.8CVSS7.3AI score0.00255EPSS

CVE•added 2017/02/24 4:59 a.m.•63 views

CVE-2017-6306

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c."

7.8CVSS7.3AI score0.00587EPSS

CVE•added 2017/02/24 4:59 a.m.•59 views

CVE-2017-6302

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."

7.8CVSS7.3AI score0.0036EPSS

CVE•added 2017/05/18 6:29 a.m.•47 views

CVE-2017-9058

In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.

9.8CVSS9.2AI score0.00389EPSS

CVE•added 2017/05/22 6:29 p.m.•46 views

CVE-2017-9146

The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impa...

8.8CVSS9.5AI score0.00608EPSS