CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

Search Vulnerabilities

Software

Searching vulnerabilities affecting “ytnef_project”

4 vulnerabilities found for “ytnef_project”

CVE-2009-3721

HIGH7.8

Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.

gnome / evolution+1

Local

Published May 26, 2021

CVE-2021-3404

HIGH7.8

In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.

ytnef_project / ytnef+2

Local

Published Mar 4, 2021

CVE-2021-3403

HIGH7.8

In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.

ytnef_project / ytnef+2

Local

Published Mar 4, 2021

CVE-2009-3887

CRITICAL9.8

ytnef has directory traversal

ytnef_project / ytnef

Network

Published Oct 29, 2019