Debian Tnef vulnerabilities

6 known vulnerabilities affecting debian/tnef.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2019-18849MEDIUMCVSS 5.5fixed in tnef 1.4.18-1 (bookworm)2019
CVE-2019-18849 [MEDIUM] CVE-2019-18849: tnef - In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/aut... In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup. Scope: local bookworm: resolved (fixed in 1.4.18-1) bullseye: resolved (fixed in 1.4.18-1) forky: resolved (fixed in 1.4.18-1) sid:
debian
CVE-2017-8911CRITICALCVSS 9.8fixed in tnef 1.4.12-1.2 (bookworm)2017
CVE-2017-8911 [CRITICAL] CVE-2017-8911: tnef - An integer underflow has been identified in the unicode_to_utf8() function in tn... An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker. Scope: local bookworm: resolved (fixed in 1.4.12-1.2) bullseye: resolved (fixed in 1.4.12-1.2) forky: resolved (fixed in 1.4.12-1.2) sid: resolved (fixed in 1.4.12-1.2) trixie: resolved (fixed in 1.4.12-1.2
debian
CVE-2017-6309HIGHCVSS 7.8fixed in tnef 1.4.12-1.1 (bookworm)2017
CVE-2017-6309 [HIGH] CVE-2017-6309: tnef - An issue was discovered in tnef before 1.4.13. Two type confusions have been ide... An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker. Scope: local bookworm: resolved (fixed in 1.4.12-1.1) bullseye: resolved (fixed in 1.4.12-1.1) forky: resolved (fixed in 1.4.12-1.1) sid: resolved (fixed in 1.4.12-1.1) trix
debian
CVE-2017-6307HIGHCVSS 7.8fixed in tnef 1.4.12-1.1 (bookworm)2017
CVE-2017-6307 [HIGH] CVE-2017-6307: tnef - An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identifi... An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker. Scope: local bookworm: resolved (fixed in 1.4.12-1.1) bullseye: resolved (fixed in 1.4.12-1.1) forky: resolved (fixed in 1.4.12-1.1) sid: resolved (fixed in 1.4.12-1.1) tr
debian
CVE-2017-6308HIGHCVSS 7.8fixed in tnef 1.4.12-1.1 (bookworm)2017
CVE-2017-6308 [HIGH] CVE-2017-6308: tnef - An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which ... An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation. Scope: local bookworm: resolved (fixed in 1.4.12-1.1) bullseye: resolved (fixed in 1.4.12-1.1) forky: resolved (fixed in 1.4.12-1.1) sid: resolved (fixed in 1.4.12-1.1) trixie: resolved (fixed in 1.
debian
CVE-2017-6310HIGHCVSS 7.8fixed in tnef 1.4.12-1.1 (bookworm)2017
CVE-2017-6310 [HIGH] CVE-2017-6310: tnef - An issue was discovered in tnef before 1.4.13. Four type confusions have been id... An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker. Scope: local bookworm: resolved (fixed in 1.4.12-1.1) bullseye: resolved (fixed in 1.4.12-1.1) forky: resolved (fixed in 1.4.12-1.1) sid: resolved (fixed in 1.4.12
debian