PT-2021-8310 · Ytnef+1 · Ytnef+1
Yorick Koster
·
Published
2021-05-26
·
Updated
2021-06-04
·
CVE-2009-3721
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
yTNEF (affected versions not specified)
Evolution (affected versions not specified)
Description
Multiple directory traversal and buffer overflow issues were found in yTNEF and Evolution's TNEF parser, which is derived from yTNEF. A specially crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Evolution
Ytnef