Vulnerabilities > Ytnef Project

DATE CVE VULNERABILITY TITLE RISK
2017-06-07 CVE-2017-9471 Out-of-bounds Read vulnerability in multiple products
In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
local
low complexity
ytnef-project canonical CWE-125
5.5
2017-06-07 CVE-2017-9470 NULL Pointer Dereference vulnerability in Ytnef Project Ytnef 1.9.2
In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
local
low complexity
ytnef-project CWE-476
5.5
2017-05-22 CVE-2017-9146 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ytnef Project Ytnef
The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file.
network
low complexity
ytnef-project CWE-119
8.8
2017-05-18 CVE-2017-9058 Out-of-bounds Read vulnerability in multiple products
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
network
low complexity
ytnef-project canonical CWE-125
critical
9.8
2017-03-10 CVE-2017-6802 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ytnef before 1.9.2.
network
low complexity
ytnef-project debian CWE-125
7.5
2017-03-10 CVE-2017-6801 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ytnef before 1.9.2.
network
low complexity
ytnef-project debian CWE-125
7.5
2017-03-10 CVE-2017-6800 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ytnef before 1.9.2.
network
low complexity
ytnef-project debian CWE-125
7.5
2017-02-24 CVE-2017-6306 Path Traversal vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-22
7.8
2017-02-24 CVE-2017-6305 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-787
7.8
2017-02-24 CVE-2017-6304 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-125
7.8