1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
Candidate: CVE-2017-9471
PublicDate: 2017-06-07
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9471
https://github.com/Yeraze/ytnef/issues/39
https://blogs.gentoo.org/ago/2017/05/24/ytnef-heap-based-buffer-overflow-in-swapword-ytnef-c/
Description:
In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) via a crafted file.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
Patches_libytnef:
upstream_libytnef: needs-triage
precise/esm_libytnef: DNE
trusty_libytnef: needs-triage
vivid/stable-phone-overlay_libytnef: DNE
vivid/ubuntu-core_libytnef: DNE
xenial_libytnef: needs-triage
yakkety_libytnef: ignored (reached end-of-life)
zesty_libytnef: needs-triage
devel_libytnef: needs-triage
|