Bingosxs

**Name of the Vulnerable Software and Affected Versions** libytnef versions prior to 1.9.3 libytnef version 1.9.2 and earlier **Description** The issue is related to the `TNEFFillMapi` function in `lib/ytnef.c`, which does not ensure a nonzero count value before a certain memory allocation. This allows remote attackers to cause a denial of service, resulting in a heap-based buffer overflow and application crash, or possibly have other unspecified impacts via a crafted tnef file. **Recommendations** For libytnef versions prior to 1.9.3, update to version 1.9.3 or later to resolve the issue. For libytnef version 1.9.2 and earlier, update to version 1.9.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `TNEFFillMapi` function in `lib/ytnef.c` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ytnef versions prior to 1.9.3 ALT Linux (affected versions not specified) **Description** The issue is related to a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c. **Recommendations** For ytnef versions prior to 1.9.3, update to version 1.9.3 or later to resolve the issue. For ALT Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.