CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6309
https://notcve.org/view.php?id=CVE-2017-6309
An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker. Se descubrió un problema en tnef en versiones anteriores a 1.4.13. Se han identificado dos confusiones tipo en la función parse_file(). • http://www.debian.org/security/2017/dsa-3798 http://www.securityfocus.com/bid/96427 https://github.com/verdammelt/tnef/blob/master/ChangeLog https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d https://security.gentoo.org/glsa/201708-02 https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •