Vulnerabilities > Ytnef Project > Ytnef > 1.9.3

DATE CVE VULNERABILITY TITLE RISK
2021-03-04 CVE-2021-3404 Out-of-bounds Write vulnerability in multiple products
In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.
local
low complexity
ytnef-project redhat fedoraproject CWE-787
7.8
7.8
2021-03-04 CVE-2021-3403 Double Free vulnerability in multiple products
In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.
local
low complexity
ytnef-project redhat fedoraproject CWE-415
7.8
7.8