Explore top 10 tips to secure your open-source projects now. Read More
×
In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows
remote attackers to cause a denial-of-service (and potentially code
execution) due to a double free which can be triggered via a crafted file.
(CVE-2021-3403)
In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote
attackers to cause a denial-of-service (and potentially code execution)
due to a heap buffer overflow which can be triggered via a crafted file.
(CVE-2021-3404)
- https://bugs.mageia.org/show_bug.cgi?id=30735
- https://github.com/Yeraze/ytnef/releases
- https://www.cve.org/CVERecord?id=CVE-2021-3403
- https://www.cve.org/CVERecord?id=CVE-2021-3404
- 8/core/ytnef-2.0-1.mga8
Get the latest Linux and open source security news straight to your inbox.