Shodan
Vulnerabilities
Vulnerable Software
Ytnef Project:  >> Ytnef  Security Vulnerabilities
CVE-2017-9473
In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVSS Score
5.5
EPSS Score
0.003
Published
2017-06-07
CVE-2017-9474
In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-06-07
CVE-2017-9146
The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file.
CVSS Score
8.8
EPSS Score
0.006
Published
2017-05-22
CVE-2017-9058
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-18
CVE-2017-6800
An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-03-10
CVE-2017-6801
An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-03-10
CVE-2017-6802
An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
CVSS Score
7.5
EPSS Score
0.008
Published
2017-03-10
CVE-2017-6298
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."
CVSS Score
7.8
EPSS Score
0.003
Published
2017-02-24
CVE-2017-6299
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-24
CVE-2017-6300
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."
CVSS Score
7.8
EPSS Score
0.002
Published
2017-02-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved