CyberSec.Space Logo
返回 CVE 浏览器

CVE-2009-3721

HIGH
7.8
CVSS Severity Score
EPSS Score0.0740%
EPSS Percentile42.81th
Published2021年5月26日
Last Modified2024年11月21日

Vulnerability Description

Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.

Affected Platforms (CPE)

📦
Gnome

Evolution

All versions
📦
Ytnef Project

Ytnef

All versions

References & Advisories

🔗 http://www.ocert.org/advisories/ocert-2009-013.html
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=521662
🔗 http://www.ocert.org/advisories/ocert-2009-013.html
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=521662

相关漏洞威胁

CVE-2008-353310.0

Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows re...

CVE-2021-435279.8

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded D...

CVE-2020-121339.8

The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.fac...

CVE-2005-01029.8

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execut...

CVE-2009-3721 Detail & Impact Analysis | CVSS 7.8 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space