CVE-2017-8911

Опубликовано: 12 мая 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.

Ссылки

http://www.debian.org/security/2017/dsa-3869
https://github.com/verdammelt/tnef/issues/23
Issue Tracking
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201708-02
http://www.debian.org/security/2017/dsa-3869
https://github.com/verdammelt/tnef/issues/23
Issue Tracking
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201708-02

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tnef_project:tnef:1.4.14:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00381

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-191

Связанные уязвимости

CVE-2017-8911

CVSS3: 9.8

ubuntu

больше 8 лет назад

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.

CVE-2017-8911

CVSS3: 9.8

debian

больше 8 лет назад

An integer underflow has been identified in the unicode_to_utf8() func ...

openSUSE-SU-2017:3095-1

suse-cvrf

около 8 лет назад

Security update for tnef

GHSA-575j-8r4j-2fmq

CVSS3: 9.8

github

больше 3 лет назад

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.

EPSS

Процентиль: 59%

0.00381

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-191