Vulnerabilities > Ytnef Project > Ytnef > 1.9.1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-22 | CVE-2017-9146 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ytnef Project Ytnef The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file. | 8.8 |
2017-05-18 | CVE-2017-9058 | Out-of-bounds Read vulnerability in multiple products In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c. | 9.8 |