CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-8911

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1790%
EPSS Percentile11.10th
Published2017年5月12日
Last Modified2026年5月13日

Vulnerability Description

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.

Affected Platforms (CPE)

📦
Tnef Project

Tnef

= 1.4.14

References & Advisories

🔗 http://www.debian.org/security/2017/dsa-3869
🔗 https://github.com/verdammelt/tnef/issues/23
🔗 https://security.gentoo.org/glsa/201708-02
🔗 http://www.debian.org/security/2017/dsa-3869
🔗 https://github.com/verdammelt/tnef/issues/23
🔗 https://security.gentoo.org/glsa/201708-02

関連する脆弱性情報

CVE-2000-061410.0

Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which s...

CVE-2016-36459.8

Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Da...

CVE-2009-00989.3

Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neu...

CVE-2017-91468.8

The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain...