CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-6307

HIGH
7.8
CVSS Severity Score
EPSS Score0.0500%
EPSS Percentile8.85th
Published2017年2月24日
Last Modified2026年5月13日

Vulnerability Description

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker.

Affected Platforms (CPE)

📦
Tnef Project

Tnef

<= 1.4.12
💻
Debian

Debian Linux

= 8.0

References & Advisories

🔗 http://www.debian.org/security/2017/dsa-3798
🔗 http://www.securityfocus.com/bid/96427
🔗 https://github.com/verdammelt/tnef/blob/master/ChangeLog
🔗 https://github.com/verdammelt/tnef/commit/1a17af1ed0c791aec44dbdc9eab91218cc1e335a
🔗 https://security.gentoo.org/glsa/201708-02
🔗 https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
🔗 http://www.debian.org/security/2017/dsa-3798
🔗 http://www.securityfocus.com/bid/96427

関連する脆弱性情報

CVE-2000-061410.0

Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which s...

CVE-2016-36459.8

Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Da...

CVE-2017-89119.8

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operat...

CVE-2009-00989.3

Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neu...