CVE-2021-3403

Summary

In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.

Affected Software

VendorProductVersion RangeStatus
n/aytnefAll versionsaffected

Weaknesses

  • CWE-416: CWE-416

ADP Enrichment

CVE Program Container

Additional References

References