CVE-2017-6299Infinite Loop in Project Ytnef

CWE-835Infinite Loop12 documents6 sources
Severity
5.5MEDIUMNVD
OSV7.8
EPSS
0.4%
top 42.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedFeb 24
Latest updateMay 13

Description

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

debiandebian/libytnef< libytnef 1.9.1-1 (bookworm)

Also affects: Debian Linux 8.0, 9.0

Patches

🔴Vulnerability Details

3
GHSA
GHSA-48mr-3phh-9xcg: An issue was discovered in ytnef before 12022-05-13
OSV
libytnef vulnerabilities2020-11-03
OSV
CVE-2017-6299: An issue was discovered in ytnef before 12017-02-24

📋Vendor Advisories

3
Ubuntu
Yerase's TNEF vulnerabilities2020-11-03
Ubuntu
libytnef vulnerabilities2017-05-15
Debian
CVE-2017-6299: libytnef - An issue was discovered in ytnef before 1.9.1. This is related to a patch descri...2017

💬Community

5
Bugzilla
CVE-2017-6298 CVE-2017-6299 CVE-2017-6300 CVE-2017-6301 CVE-2017-6302 CVE-2017-6303 CVE-2017-6304 CVE-2017-6305 CVE-2017-6306 CVE-2017-6800 CVE-2017-6801 CVE-2017-6802 libytnef: various flaws [epel-al2017-02-16
Bugzilla
CVE-2017-6298 CVE-2017-6299 CVE-2017-6300 CVE-2017-6301 CVE-2017-6302 CVE-2017-6303 CVE-2017-6304 CVE-2017-6305 CVE-2017-6306 CVE-2017-6800 CVE-2017-6801 CVE-2017-6802 ytnef: various flaws [fedora-all2017-02-16
Bugzilla
CVE-2017-6298 CVE-2017-6299 CVE-2017-6300 CVE-2017-6301 CVE-2017-6302 CVE-2017-6303 CVE-2017-6304 CVE-2017-6305 CVE-2017-6306 CVE-2017-6800 CVE-2017-6801 CVE-2017-6802 libytnef: various flaws [fedora-2017-02-16
Bugzilla
CVE-2017-6298 CVE-2017-6299 CVE-2017-6300 CVE-2017-6301 CVE-2017-6302 CVE-2017-6303 CVE-2017-6304 CVE-2017-6305 CVE-2017-6306 CVE-2017-6800 CVE-2017-6801 CVE-2017-6802 ytnef: various flaws [epel-all]2017-02-16
Bugzilla
CVE-2017-6298 CVE-2017-6299 CVE-2017-6300 CVE-2017-6301 CVE-2017-6302 CVE-2017-6303 CVE-2017-6304 CVE-2017-6305 CVE-2017-6306 ytnef: Multiple vulnerabilities fixed in 1.9.1 version2017-02-16