MGASA-2017-0083

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0083.html

Import Source

https://advisories.mageia.org/MGASA-2017-0083.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2017-0083

Related

Published

2017-03-25T16:56:41Z

Modified

2017-03-25T16:45:03Z

Summary

Updated tnef packages fix security vulnerability

Details

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattr_read(). These might lead to invalid read and write operations, controlled by an attacker. (CVE-2017-6307)

An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation. (CVE-2017-6308)

An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker. (CVE-2017-6309)

An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the fileaddmapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker. (CVE-2017-6310)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2017-0083

Affected packages