tnef Multiple Integer Overflow, Type Confusion and Out of Bounds Write Vulnerabilities

tnef is prone to following security vulnerabilities:

1. Multiple integer-overflow vulnerabilities
2. Multiple type confusion issues
3. Multiple out-of-bounds write issues

An attacker can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

tnef 1.4.12 and prior are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus