libytnef
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Yerase's TNEF stream reader library (decodes winmail.dat) |
| Version | 1:2.1.2-2 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1552 | 1.9.3+7+g24fe30e-2 | 1:1.9.3-1 | Medium | Fixed | FS#70056 |
| AVG-275 | 1.9.2-1 | 1.9.2-2 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-3404 | AVG-1552 | Medium | No | Arbitrary code execution | In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap... |
| CVE-2021-3403 | AVG-1552 | Medium | No | Arbitrary code execution | In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to... |
| CVE-2017-9058 | AVG-275 | High | Yes | Arbitrary code execution | A heap-buffer-overflow vulnerability has been found in the libytnef in the lib/ytnef.c module. |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 14 Aug 2017 | ASA-201708-10 | AVG-275 | High | arbitrary code execution |