ALT Linux Team

Package libytnef update in sisyphus on 2017-02-25

ALT-PU-2017-1212-1

Package libytnef updated to version 1.9.1-alt1 for branch sisyphus in task 178587.

Closed vulnerabilities

Published: 2017-02-24
Modified: 2024-11-21

CVE-2017-6298

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2017-02-24
Modified: 2024-11-21

CVE-2017-6299

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."

Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
Published: 2017-02-24
Modified: 2024-11-21

CVE-2017-6300

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2017-02-24
Modified: 2024-11-21

CVE-2017-6301

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads."

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2017-02-24
Modified: 2024-11-21

CVE-2017-6302

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2017-02-24
Modified: 2024-11-21

CVE-2017-6303

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow."

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2017-02-24
Modified: 2024-11-21

CVE-2017-6304

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read."

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2017-02-24
Modified: 2024-11-21

CVE-2017-6305

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2017-02-24
Modified: 2024-11-21

CVE-2017-6306

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c."

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top