---

CVE-2021-3404 - log back

CVE-2021-3404 edited at 18 Mar 2021 18:44:23
References	https://bugzilla.redhat.com/show_bug.cgi?id=1926965 https://github.com/Yeraze/ytnef/issues/86 https://github.com/Yeraze/ytnef/pull/88 - https://github.com/Yeraze/ytnef/commit/ca0f16eeb5d282556437cae63b3f35e8b6a54f74 + https://github.com/Yeraze/ytnef/commit/f9ff4a203b8c155d51a208cadadb62f224fba715

CVE-2021-3404 edited at 05 Mar 2021 23:06:25
References	https://bugzilla.redhat.com/show_bug.cgi?id=1926965 https://github.com/Yeraze/ytnef/issues/86 https://github.com/Yeraze/ytnef/pull/88 + https://github.com/Yeraze/ytnef/commit/ca0f16eeb5d282556437cae63b3f35e8b6a54f74

CVE-2021-3404 edited at 10 Feb 2021 08:54:03
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1926965 + https://github.com/Yeraze/ytnef/issues/86 + https://github.com/Yeraze/ytnef/pull/88

CVE-2021-3404 created at 10 Feb 2021 08:52:46
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes