In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.4.9-1+deb8u4build0.16.04.1", "binary_name": "tnef" }, { "binary_version": "1.4.9-1+deb8u4build0.16.04.1", "binary_name": "tnef-dbgsym" } ] }
{ "ubuntu_priority": "medium" }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.4.18-1", "binary_name": "tnef" }, { "binary_version": "1.4.18-1", "binary_name": "tnef-dbgsym" } ] }