PT-2019-15699 · Tnef+2 · Tnef+2

Paul Dreik

Published

2019-11-11

Updated

2024-08-06

CVE-2019-18849

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions tnef versions prior to 1.4.18

Description The issue allows an attacker to potentially write to the victim's .ssh/authorized keys file via a crafted winmail.dat application/ms-tnef attachment in an email message. This is due to a heap-based buffer over-read involving the strdup function.

Recommendations For versions prior to 1.4.18, update to version 1.4.18 or later to resolve the issue. As a temporary workaround, consider restricting the handling of winmail.dat attachments to minimize the risk of exploitation.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2019-3194

ALT-PU-2024-10571

CVE-2019-18849

DLA-2005-1

DLA-2748-1

MGASA-2019-0367

ROSA-SA-2023-2173

USN-4524-1

Affected Products

Alt Linux

Ubuntu

Tnef

PT-2019-15699 · Tnef+2 · Tnef+2

CVE-2019-18849

Weakness Enumeration

Related Identifiers

Affected Products

References · 23