Unrtf Project: Security Vulnerabilities
Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function.
CVSS Score
7.5
EPSS Score
0.026
Published
2017-04-21
UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file.
CVSS Score
7.5
EPSS Score
0.033
Published
2014-12-09
UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".
CVSS Score
7.5
EPSS Score
0.059
Published
2014-12-09