Filtered by vendor Ytnef Project
Subscriptions
Filtered by product Ytnef
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-6801 | 2 Debian, Ytnef Project | 2 Debian Linux, Ytnef | 2025-04-20 | N/A |
| An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef. | ||||
| CVE-2017-9058 | 2 Canonical, Ytnef Project | 2 Ubuntu Linux, Ytnef | 2025-04-20 | N/A |
| In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c. | ||||
| CVE-2021-3404 | 3 Fedoraproject, Redhat, Ytnef Project | 3 Fedora, Enterprise Linux, Ytnef | 2024-11-21 | 7.8 High |
| In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file. | ||||
| CVE-2021-3403 | 3 Fedoraproject, Redhat, Ytnef Project | 3 Fedora, Enterprise Linux, Ytnef | 2024-11-21 | 7.8 High |
| In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file. | ||||
| CVE-2009-3887 | 1 Ytnef Project | 1 Ytnef | 2024-11-21 | 9.8 Critical |
| ytnef has directory traversal | ||||
| CVE-2009-3721 | 2 Gnome, Ytnef Project | 2 Evolution, Ytnef | 2024-11-21 | 7.8 High |
| Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments. | ||||