threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ytnef project ytnef
Product
ytnef project ytnef
26 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2009-3721
all versions
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is
7.8
HIGH
CVE-2021-3404
all versions
In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code ex
7.8
HIGH
CVE-2021-3403
all versions
In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potential
7.8
HIGH
CVE-2009-3887
all versions
ytnef has directory traversal
9.8
CRITICAL
CVE-2017-12144
all versions
In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial
5.5
MEDIUM
CVE-2017-12142
all versions
In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cau
5.5
MEDIUM
CVE-2017-12141
all versions
In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attacke
5.5
MEDIUM
CVE-2017-9474
all versions
In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer
5.5
MEDIUM
CVE-2017-9473
all versions
In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption)
5.5
MEDIUM
CVE-2017-9472
all versions
In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over
5.5
MEDIUM
CVE-2017-9471
all versions
In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-
5.5
MEDIUM
CVE-2017-9470
all versions
In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereferen
5.5
MEDIUM
CVE-2017-9146
<= 1.9.2
The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain
8.8
HIGH
CVE-2017-9058
<= 1.9.2
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK mac
9.8
CRITICAL
CVE-2017-6802
<= 1.9.1
An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams
7.5
HIGH
CVE-2017-6801
<= 1.9.1
An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in l
7.5
HIGH
CVE-2017-6800
<= 1.9.1
An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of
7.5
HIGH
CVE-2017-6306
<= 1.9
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the file
7.8
HIGH
CVE-2017-6305
<= 1.9
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."
7.8
HIGH
CVE-2017-6304
<= 1.9
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read."
7.8
HIGH
CVE-2017-6303
<= 1.9
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow
7.8
HIGH
CVE-2017-6302
<= 1.9
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."
7.8
HIGH
CVE-2017-6301
<= 1.9
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads."
7.8
HIGH
CVE-2017-6300
<= 1.9
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field i
7.8
HIGH
CVE-2017-6299
<= 1.9
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFil
5.5
MEDIUM
CVE-2017-6298
<= 1.9
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return
7.8
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin