Security Advisory

CVE-2019-18849

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-11-11 03:21:55

Last updated 2024-08-05 02:02:39

Assigner mitre

State PUBLISHED

Description

In tnef before 1.4.18, an attacker may be able to write to the victims .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup.

← Browse all CVEs View on cve.org ↗