libytnef

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Yerase's TNEF Stream Reader library (decodes winmail.dat)
Version 1:2.0-2 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1552 1.9.3+7+g24fe30e-2 1:1.9.3-1 Medium Fixed FS#70056
AVG-275 1.9.2-1 1.9.2-2 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-3404 AVG-1552 Medium No Arbitrary code execution
In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap...
CVE-2021-3403 AVG-1552 Medium No Arbitrary code execution
In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to...
CVE-2017-9058 AVG-275 High Yes Arbitrary code execution
A heap-buffer-overflow vulnerability has been found in the libytnef in the lib/ytnef.c module.

Advisories

Date Advisory Group Severity Type
14 Aug 2017 ASA-201708-10 AVG-275 High arbitrary code execution