CVE-2017-6310

Опубликовано: 24 фев. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker.

Ссылки

http://www.debian.org/security/2017/dsa-3798
Third Party Advisory
http://www.securityfocus.com/bid/96427
Third Party Advisory
VDB Entry
https://github.com/verdammelt/tnef/blob/master/ChangeLog
Patch
Release Notes
Third Party Advisory
https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d
Issue Tracking
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201708-02
Third Party Advisory
https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
Patch
Third Party Advisory
http://www.debian.org/security/2017/dsa-3798
Third Party Advisory
http://www.securityfocus.com/bid/96427
Third Party Advisory
VDB Entry
https://github.com/verdammelt/tnef/blob/master/ChangeLog
Patch
Release Notes
Third Party Advisory
https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d
Issue Tracking
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201708-02
Third Party Advisory
https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tnef_project:tnef:*:*:*:*:*:*:*:*

Версия до 1.4.12 (включая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00353

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2017-6310

CVSS3: 7.8

ubuntu

почти 9 лет назад

CVE-2017-6310

CVSS3: 7.8

debian

почти 9 лет назад

An issue was discovered in tnef before 1.4.13. Four type confusions ha ...

GHSA-3pcq-f86j-jh8q

CVSS3: 7.8

github

больше 3 лет назад

EPSS

Процентиль: 57%

0.00353

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125