Your submission was sent successfully! Close

CVE-2017-9471

Published: 7 June 2017

In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
libytnef
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Needed

cosmic Ignored
(reached end-of-life)
disco Not vulnerable
(1.9.3-1)
eoan Not vulnerable
(1.9.3-1)
focal Not vulnerable
(1.9.3-1)
groovy Not vulnerable
(1.9.3-1)
hirsute Not vulnerable
(1.9.3-1)
impish Not vulnerable
(1.9.3-1)
jammy Not vulnerable
(1.9.3-1)
precise Does not exist

trusty Does not exist
(trusty was released [1.5-6ubuntu0.2])
upstream
Released (1.9.3-1)
xenial Ignored
(end of standard support, was needed)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)
Patches:
upstream: https://github.com/Yeraze/ytnef/pull/56/commits/01fdb170339e60a59a2d247edca95cce646fa4d7