Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-5109

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2010-5109
Last Modified 05 May 2014 01:19:46
Published 05 May 2014 01:06:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2010-5109

Summary

Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.

Vulnerable Systems

Operating System

  • Fedoraproject Fedora 16

  • Fedoraproject Fedora 17

Application

  • Randall Hand Yerase%27s Tnef Stream Reader -


References

FEDORA - FEDORA-2012-10250

FEDORA - FEDORA-2012-10286

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=831322

BID - 54484

MLIST - [oss-security] 20130410 CVE-2010-5109 libytnef buffer overflow

MISC - http://sourceforge.net/p/ytnef/bugs/13/


Last Updated: 27 May 2016 11:05:12