Vulnerability Details CVE-2017-6308
An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- http://www.debian.org/security/2017/dsa-3798
- http://www.securityfocus.com/bid/96427
- https://github.com/verdammelt/tnef/blob/master/ChangeLog
- https://github.com/verdammelt/tnef/commit/c5044689e50039635e7700fe2472fd632ac77176
- https://security.gentoo.org/glsa/201708-02
- https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
- http://www.debian.org/security/2017/dsa-3798
- http://www.securityfocus.com/bid/96427
- https://github.com/verdammelt/tnef/blob/master/ChangeLog
- https://github.com/verdammelt/tnef/commit/c5044689e50039635e7700fe2472fd632ac77176
- https://security.gentoo.org/glsa/201708-02
- https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
Products affected by CVE-2017-6308
-
cpe:2.3:a:tnef_project:tnef:1.4.10
-
cpe:2.3:a:tnef_project:tnef:1.4.11
-
cpe:2.3:a:tnef_project:tnef:1.4.12
-
cpe:2.3:o:debian:debian_linux:8.0