CyberSec.Space Logo
Back to CVE Browser

CVE-2009-3721

HIGH
7.8
CVSS Severity Score
EPSS Score0.0740%
EPSS Percentile42.81th
PublishedMay 26, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.

Affected Platforms (CPE)

πŸ“¦
Gnome

Evolution

All versions
πŸ“¦
Ytnef Project

Ytnef

All versions

References & Advisories

πŸ”— http://www.ocert.org/advisories/ocert-2009-013.html
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=521662
πŸ”— http://www.ocert.org/advisories/ocert-2009-013.html
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=521662

Related Vulnerabilities

CVE-2008-353310.0

Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows re...

CVE-2021-435279.8

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded D...

CVE-2020-121339.8

The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.fac...

CVE-2005-01029.8

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execut...