Vulnerabilities > Ytnef Project > Ytnef > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-26 | CVE-2009-3721 | Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. | 7.8 |
| 2021-03-04 | CVE-2021-3404 | Out-of-bounds Write vulnerability in multiple products In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file. | 7.8 |
| 2021-03-04 | CVE-2021-3403 | Double Free vulnerability in multiple products In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file. | 7.8 |
| 2017-05-22 | CVE-2017-9146 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ytnef Project Ytnef The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file. | 8.8 |
| 2017-03-10 | CVE-2017-6802 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. | 7.5 |
| 2017-03-10 | CVE-2017-6801 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. | 7.5 |
| 2017-03-10 | CVE-2017-6800 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. | 7.5 |
| 2017-02-24 | CVE-2017-6306 | Path Traversal vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. | 7.8 |
| 2017-02-24 | CVE-2017-6305 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. | 7.8 |
| 2017-02-24 | CVE-2017-6304 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. | 7.8 |