CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-9146 – Ubuntu Security Notice USN-3667-1
https://notcve.org/view.php?id=CVE-2017-9146
22 May 2017 — The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file. La función TNEFFillMapi en lib / ytnef.c en libytnef in ytnef hasta 1.9.2 no garantiza un valor de conteo distinto de cero antes de una cierta asignación de memoria, lo que permite a lo... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862707 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-9058 – Ubuntu Security Notice USN-3667-1
https://notcve.org/view.php?id=CVE-2017-9058
18 May 2017 — In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c. En libytnef en ytnef hasta la versión 1.9.2 hay una sobrelectura de búfer basado en memoria dinámica (heap) debido a una comprobación de límites en la macro SIZECHECK en lib/ytnef.c. It was discovered that libytnef incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. It was discovered that libytnef incorrectly han... • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862556 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2017-6800 – Ubuntu Security Notice USN-3288-1
https://notcve.org/view.php?id=CVE-2017-6800
10 Mar 2017 — An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef. Se ha descubierto un problema en ytnef en versiones anteriores a 1.9.2. Un acceso de memoria no válido (sobre lectura de búfer basado en memoria dinámica) puede ocurrir durante el manejo de tipos de datos LONG, relacionados con MAPIPrint() en libytnef. Several issues were discovered in libytnef, a library used to decode applic... • http://www.debian.org/security/2017/dsa-3846 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6801 – Ubuntu Security Notice USN-3288-1
https://notcve.org/view.php?id=CVE-2017-6801
10 Mar 2017 — An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef. Se ha descubierto un problema en ytnef en versiones anteriores a 1.9.2. Hay un potencial acceso fuera de límites con con campos de tamaño 0 en TNEFParse() en libytnef. Several issues were discovered in libytnef, a library used to decode application/ms-tnef e-mail attachments. • http://www.debian.org/security/2017/dsa-3846 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6802 – Ubuntu Security Notice USN-3288-1
https://notcve.org/view.php?id=CVE-2017-6802
10 Mar 2017 — An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef. Se ha descubierto un problema en ytnef en versiones anteriores a 1.9.2. Hay una potencial sobre lectura de búfer basado en memoria dinámica en el entrante Compressed RTF Streams, relacionado con DecompressRTF() en libytnef. Several issues were discovered in libytnef, a library used to decode application/ms-tnef e-mail attachments. • http://www.debian.org/security/2017/dsa-3846 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6298 – Ubuntu Security Notice USN-4615-1
https://notcve.org/view.php?id=CVE-2017-6298
24 Feb 2017 — An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked." Se descubrió un problema en ytnef en versiones anteriores a 1.9.1. Esto se relaciona con un parche descrito como "1 de 9. • http://www.debian.org/security/2017/dsa-3846 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6299 – Ubuntu Security Notice USN-3288-1
https://notcve.org/view.php?id=CVE-2017-6299
24 Feb 2017 — An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c." Se descubrió un problema en ytnef en versiones anteriores a 1.9.1. Esto se relaciona con un parche descrito como "2 de 9. • http://www.debian.org/security/2017/dsa-3846 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6300 – Ubuntu Security Notice USN-4615-1
https://notcve.org/view.php?id=CVE-2017-6300
24 Feb 2017 — An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h." Se descubrió un problema en ytnef en versiones anteriores a 1.9.1. Esto se relaciona con un parche descrito como "3 de 9. • http://www.debian.org/security/2017/dsa-3846 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6301 – Ubuntu Security Notice USN-4615-1
https://notcve.org/view.php?id=CVE-2017-6301
24 Feb 2017 — An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads." Se descubrió un problema en ytnef en versiones anteriores a 1.9.1. Esto se relaciona con un parche descrito como "4 de 9. • http://www.debian.org/security/2017/dsa-3846 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6302 – Ubuntu Security Notice USN-4615-1
https://notcve.org/view.php?id=CVE-2017-6302
24 Feb 2017 — An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow." Se descubrió un problema en ytnef en versiones anteriores a 1.9.1. Esto se relaciona con un parche descrito como "5 de 9. • http://www.debian.org/security/2017/dsa-3846 • CWE-190: Integer Overflow or Wraparound •