PT-2017-18616 · Tnef · Tnef

Yyyyxf

Published

2017-05-12

Updated

2024-06-15

CVE-2017-8911

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions tnef version 1.4.14

Description An integer underflow has been identified in the unicode to utf8() function. This issue might lead to invalid write operations, which could be controlled by an attacker.

Recommendations For version 1.4.14, consider disabling the unicode to utf8() function until a patch is available to prevent potential exploitation.

Fix

Integer Underflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-191

Related Identifiers

CVE-2017-8911

DLA-962-1

DSA-3869-1

MGASA-2017-0209

OPENSUSE-SU-2024:11467-1

Affected Products

Tnef

PT-2017-18616 · Tnef · Tnef

CVE-2017-8911

Weakness Enumeration

Related Identifiers

Affected Products

References · 21