UBUNTU-CVE-2017-6308

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2017-6308

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-6308.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-6308

Upstream

CVE-2017-6308

Published

2017-02-24T04:59:00Z

Modified

2025-09-08T16:44:08Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation.

References

Affected packages

Ubuntu:14.04:LTS / tnef

Package

Name: tnef
Purl: pkg:deb/ubuntu/tnef@1.4.9-1+deb8u2build0.14.04.1?arch=source&distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.9-1+deb8u2build0.14.04.1

Affected versions

1.*

1.4.9-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1.4.9-1+deb8u2build0.14.04.1",
            "binary_name": "tnef"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:16.04:LTS / tnef

Package

Name: tnef
Purl: pkg:deb/ubuntu/tnef@1.4.9-1+deb8u2build0.16.04.1?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.9-1+deb8u2build0.16.04.1

Affected versions

1.*

1.4.9-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1.4.9-1+deb8u2build0.16.04.1",
            "binary_name": "tnef"
        }
    ],
    "availability": "No subscription required"
}