CVE-2021-3404

Summary

In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.

Affected Software

VendorProductVersion RangeStatus
n/aytnefAll versionsaffected

Weaknesses

  • CWE-119: CWE-119

ADP Enrichment

CVE Program Container

Additional References

References