Debian Libytnef vulnerabilities

CVE-2021-3404 [HIGH] CVE-2021-3404: libytnef - In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to ... In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file. Scope: local bookworm: resolved (fixed in 1.9.3-3) bullseye: resolved (fixed in 1.9.3-3) forky: resolved (fixed in 1.9.3-3) sid: resolved (fixed in 1.9.3-3)

CVE-2021-3403 [HIGH] CVE-2021-3403: libytnef - In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote att... In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file. Scope: local bookworm: resolved (fixed in 1.9.3-3) bullseye: resolved (fixed in 1.9.3-3) forky: resolved (fixed in 1.9.3-3) sid: resolved (fixed in 1.9.3-3)

CVE-2017-6298 [HIGH] CVE-2017-6298: libytnef - An issue was discovered in ytnef before 1.9.1. This is related to a patch descri... An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked." Scope: local bookworm: resolved (fixed in 1.9.1-1) bullseye: resolved (fixed in 1.9.1-1) forky: resolved (fixed in 1.9.1-1) sid: resolved (fixed in 1.9.1-1) trixie: resolved (fixed in 1.9.1-1)

CVE-2017-6303 [HIGH] CVE-2017-6303: libytnef - An issue was discovered in ytnef before 1.9.1. This is related to a patch descri... An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow." Scope: local bookworm: resolved (fixed in 1.9.1-1) bullseye: resolved (fixed in 1.9.1-1) forky: resolved (fixed in 1.9.1-1) sid: resolved (fixed in 1.9.1-1) trixie: resolved (fixed in 1.9.1-1)

CVE-2017-6300 [HIGH] CVE-2017-6300: libytnef - An issue was discovered in ytnef before 1.9.1. This is related to a patch descri... An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h." Scope: local bookworm: resolved (fixed in 1.9.1-1) bullseye: resolved (fixed in 1.9.1-1) forky: resolved (fixed in 1.9.1-1) sid: resolved (fixed in 1.9.1-1) trixie: resolved (fixed in 1.9.1-1)

CVE-2017-6306 [HIGH] CVE-2017-6306: libytnef - An issue was discovered in ytnef before 1.9.1. This is related to a patch descri... An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c." Scope: local bookworm: resolved (fixed in 1.9.1-1) bullseye: resolved (fixed in 1.9.1-1) forky: resolved (fixed in 1.9.1-1) sid: resolved (fixed in 1.9.1-1) trixie: resolved (fixed in 1.9.1-1

CVE-2017-6301 [HIGH] CVE-2017-6301: libytnef - An issue was discovered in ytnef before 1.9.1. This is related to a patch descri... An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads." Scope: local bookworm: resolved (fixed in 1.9.1-1) bullseye: resolved (fixed in 1.9.1-1) forky: resolved (fixed in 1.9.1-1) sid: resolved (fixed in 1.9.1-1) trixie: resolved (fixed in 1.9.1-1)

CVE-2017-6305 [HIGH] CVE-2017-6305: libytnef - An issue was discovered in ytnef before 1.9.1. This is related to a patch descri... An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write." Scope: local bookworm: resolved (fixed in 1.9.1-1) bullseye: resolved (fixed in 1.9.1-1) forky: resolved (fixed in 1.9.1-1) sid: resolved (fixed in 1.9.1-1) trixie: resolved (fixed in 1.9.1-1)

CVE-2017-6304 [HIGH] CVE-2017-6304: libytnef - An issue was discovered in ytnef before 1.9.1. This is related to a patch descri... An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read." Scope: local bookworm: resolved (fixed in 1.9.1-1) bullseye: resolved (fixed in 1.9.1-1) forky: resolved (fixed in 1.9.1-1) sid: resolved (fixed in 1.9.1-1) trixie: resolved (fixed in 1.9.1-1)

CVE-2017-6801 [HIGH] CVE-2017-6801: libytnef - An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bound... An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef. Scope: local bookworm: resolved (fixed in 1.9.2-1) bullseye: resolved (fixed in 1.9.2-1) forky: resolved (fixed in 1.9.2-1) sid: resolved (fixed in 1.9.2-1) trixie: resolved (fixed in 1.9.2-1)

CVE-2017-9146 [HIGH] CVE-2017-9146: libytnef - The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does... The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file. Scope: local bookworm: resolved (fixed in

CVE-2017-6302 [HIGH] CVE-2017-6302: libytnef - An issue was discovered in ytnef before 1.9.1. This is related to a patch descri... An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow." Scope: local bookworm: resolved (fixed in 1.9.1-1) bullseye: resolved (fixed in 1.9.1-1) forky: resolved (fixed in 1.9.1-1) sid: resolved (fixed in 1.9.1-1) trixie: resolved (fixed in 1.9.1-1)

CVE-2017-6802 [HIGH] CVE-2017-6802: libytnef - An issue was discovered in ytnef before 1.9.2. There is a potential heap-based b... An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef. Scope: local bookworm: resolved (fixed in 1.9.2-1) bullseye: resolved (fixed in 1.9.2-1) forky: resolved (fixed in 1.9.2-1) sid: resolved (fixed in 1.9.2-1) trixie: resolved (fixed in 1.9.2-1)

CVE-2017-6800 [HIGH] CVE-2017-6800: libytnef - An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-ba... An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef. Scope: local bookworm: resolved (fixed in 1.9.2-1) bullseye: resolved (fixed in 1.9.2-1) forky: resolved (fixed in 1.9.2-1) sid: resolved (fixed in 1.9.2-1) trixie: resolved (fixed in 1

CVE-2017-12144 [MEDIUM] CVE-2017-12144: libytnef - In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ... In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. Scope: local bookworm: resolved (fixed in 1.9.3-1) bullseye: resolved (fixed in 1.9.3-1) forky: resolved (fixed in 1.9.3-1) sid: resolved (fixed in 1.9.3-1) trixie: resolved (fixed in 1.9.3-1)

CVE-2017-6299 [MEDIUM] CVE-2017-6299: libytnef - An issue was discovered in ytnef before 1.9.1. This is related to a patch descri... An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c." Scope: local bookworm: resolved (fixed in 1.9.1-1) bullseye: resolved (fixed in 1.9.1-1) forky: resolved (fixed in 1.9.1-1) sid: resolved (fixed in 1.9.1-1) trixie: resolved (fixed in 1.9.1-1)

CVE-2017-9058 [CRITICAL] CVE-2017-9058: libytnef - In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due t... In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c. Scope: local bookworm: resolved (fixed in 1.9.2-2) bullseye: resolved (fixed in 1.9.2-2) forky: resolved (fixed in 1.9.2-2) sid: resolved (fixed in 1.9.2-2) trixie: resolved (fixed in 1.9.2-2)

CVE-2017-9471 [MEDIUM] CVE-2017-9471: libytnef - In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to ... In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. Scope: local bookworm: resolved (fixed in 1.9.3-1) bullseye: resolved (fixed in 1.9.3-1) forky: resolved (fixed in 1.9.3-1) sid: resolved (fixed in 1.9.3-1) trixie: resolved (fixed in 1.9.3

CVE-2017-12141 [MEDIUM] CVE-2017-12141: libytnef - In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the func... In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. Scope: local bookworm: resolved (fixed in 1.9.3-1) bullseye: resolved (fixed in 1.9.3-1) forky: resolved (fixed in 1.9.3-1) sid: resolved (fixed in 1.9.3-1) trixie: resolved (fixed in

CVE-2017-9470 [MEDIUM] CVE-2017-9470: libytnef - In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to... In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. Scope: local bookworm: resolved (fixed in 1.9.3-1) bullseye: resolved (fixed in 1.9.3-1) forky: resolved (fixed in 1.9.3-1) sid: resolved (fixed in 1.9.3-1) trixie: resolved (fixed in 1.9.3-1