Nixpkgs Security Tracker

Untriaged

Permalink CVE-2009-3721

created 1 month ago

Multiple directory traversal and buffer overflow vulnerabilities were discovered in …

Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.

References

https://bugzilla.redhat.com/show_bug.cgi?id=521662 x_refsource_MISC
http://www.ocert.org/advisories/ocert-2009-013.html x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=521662 x_refsource_MISC x_transferred
http://www.ocert.org/advisories/ocert-2009-013.html x_refsource_MISC x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=521662 x_refsource_MISC
http://www.ocert.org/advisories/ocert-2009-013.html x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=521662 x_refsource_MISC x_transferred
http://www.ocert.org/advisories/ocert-2009-013.html x_refsource_MISC x_transferred

Affected products

ytnef

==ytnef 2.8

Matching in nixpkgs

pkgs.libytnef

Yeraze's TNEF Stream Reader - for winmail.dat files

nixos-unstable 2.1.2
- nixpkgs-unstable 2.1.2
- nixos-unstable-small 2.1.2
nixos-25.11 2.1.2
- nixos-25.11-small 2.1.2
- nixpkgs-25.11-darwin 2.1.2

Package maintainers

@fpletz Franz Pletz <fpletz@fnordicwalking.de>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.libytnef

Package maintainers