CVE-2009-3721

NameCVE-2009-3721
DescriptionMultiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs567631

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ytnefsource(unstable)(unfixed)567631

Notes

[lenny] - ytnef <no-dsa> (Minor issue)
http://www.ocert.org/advisories/ocert-2009-013.html
This doesn't affect Evolution, the TNEF plugin is external
Search for package or bug name: Reporting problems