RSS   Vulnerabilities for 'Ytnef'   RSS

2021-03-04
 
CVE-2021-3404

CWE-119
 

 
In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.

 
 
CVE-2021-3403

CWE-416
 

 
In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.

 
2017-08-02
 
CVE-2017-12144

CWE-770
 

 
In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file.

 
 
CVE-2017-12142

CWE-125
 

 
In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file.

 
 
CVE-2017-12141

CWE-119
 

 
In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file.

 
2017-06-07
 
CVE-2017-9474

CWE-125
 

 
In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

 
 
CVE-2017-9473

CWE-noinfo
 

 
In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

 
 
CVE-2017-9472

CWE-125
 

 
In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

 
 
CVE-2017-9471

CWE-125
 

 
In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

 
 
CVE-2017-9470

CWE-476
 

 
In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

 


Copyright 2021, cxsecurity.com

 

Back to Top