6 results (0.011 seconds)

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1

In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup. En tnef versiones anteriores a 1.4.18, un atacante puede escribir en el archivo .ssh/Authorizedkeys de la víctima por medio de un mensaje de correo electrónico con un archivo adjunto application/ms-tnef de winmail.dat, debido a una lectura excesiva del búfer en la región heap de la memoria que involucra a strdup. • https://github.com/verdammelt/tnef/compare/1.4.17...1.4.18 https://github.com/verdammelt/tnef/pull/40 https://lists.debian.org/debian-lts-announce/2019/11/msg00035.html https://lists.debian.org/debian-lts-announce/2021/08/msg00025.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMKFSHPMOZL7MDWU5RYOTIBTRWSZ4Z6X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7CPKBW4QZ4VIY4UXIUVUSHRJ4R2FROE https://usn.ubuntu.c • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker. Se ha identificado un desbordamiento inferior de entero en la función unicode_to_utf8 () en tnef 1.4.14. Esta vulnerabilidad podría permitir operaciones de escritura no válidas, controladas por un atacante. • http://www.debian.org/security/2017/dsa-3869 https://github.com/verdammelt/tnef/issues/23 https://security.gentoo.org/glsa/201708-02 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation. Se descubrió un problema en tnef en versiones anteriores a 1.4.13. Varios desbordamientos de entero, que pueden conducir a operaciones de desbordamiento de memoria dinámica, se han identificado en las funciones que envuelven la asignación de memoria. • http://www.debian.org/security/2017/dsa-3798 http://www.securityfocus.com/bid/96427 https://github.com/verdammelt/tnef/blob/master/ChangeLog https://github.com/verdammelt/tnef/commit/c5044689e50039635e7700fe2472fd632ac77176 https://security.gentoo.org/glsa/201708-02 https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker. Se descubrió un problema en tnef en versiones anteriores a 1.4.13. Se han identificado cuatro confusiones tipo en la función file_add_mapi_attrs(). • http://www.debian.org/security/2017/dsa-3798 http://www.securityfocus.com/bid/96427 https://github.com/verdammelt/tnef/blob/master/ChangeLog https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d https://security.gentoo.org/glsa/201708-02 https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker. Se descubrió un problema en tnef en versiones anteriores a 1.4.13. Se han identificado dos escrituras OOB en src/mapi_attr.c:mapi_attr_read(). • http://www.debian.org/security/2017/dsa-3798 http://www.securityfocus.com/bid/96427 https://github.com/verdammelt/tnef/blob/master/ChangeLog https://github.com/verdammelt/tnef/commit/1a17af1ed0c791aec44dbdc9eab91218cc1e335a https://security.gentoo.org/glsa/201708-02 https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef • CWE-787: Out-of-bounds Write •