ID CVE-2017-6298
Summary An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."
References
Vulnerable Configurations
  • cpe:2.3:a:ytnef_project:ytnef:1.9
    cpe:2.3:a:ytnef_project:ytnef:1.9
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
CVSS
Base: 6.8 (as of 24-02-2017 - 10:39)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3288-1.NASL
    description It was discovered that libytnef incorrectly handled malformed TNEF streams. If a user were tricked into opening a specially crafted TNEF attachment, an attacker could cause a denial of service or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 100219
    published 2017-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100219
    title Ubuntu 14.04 LTS : libytnef vulnerabilities (USN-3288-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3846.NASL
    description Several issues were discovered in libytnef, a library used to decode application/ms-tnef e-mail attachments. Multiple heap overflows, out-of-bound writes and reads, NULL pointer dereferences and infinite loops could be exploited by tricking a user into opening a maliciously crafted winmail.dat file.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 100070
    published 2017-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100070
    title Debian DSA-3846-1 : libytnef - security update
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-878.NASL
    description CVE-2017-6298 NULL pointer Deref / calloc return value not checked CVE-2017-6299 Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c CVE-2017-6300 Buffer Overflow in version field in lib/tnef-types.h CVE-2017-6301 Out of Bounds Reads CVE-2017-6302 Integer Overflow CVE-2017-6303 Invalid Write and Integer Overflow CVE-2017-6304 Out of Bounds read CVE-2017-6305 Out of Bounds read and write CVE-2017-6801 Out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef CVE-2017-6802 Heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef For Debian 7 'Wheezy', these problems have been fixed in version 1.5-4+deb7u1. We recommend that you upgrade your libytnef packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-10
    plugin id 99044
    published 2017-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99044
    title Debian DLA-878-1 : libytnef security update
refmap via4
bid 96423
debian DSA-3846
misc
Last major update 01-03-2017 - 21:59
Published 23-02-2017 - 23:59
Last modified 13-03-2019 - 13:06
Back to Top