USN-4524-1: TNEF vulnerabilities

  • Thread starter Ubuntu security notices
  • Start date

Ubuntu security notices

Paul Dreik discovered that TNEF incorrectly handled filenames. If a user were tricked into opening a specially crafted email attachment, an attacker could possibly use this issue to write arbitrary files to the filesystem or cause TNEF crash, resulting in a denial of service. (CVE-2019-18849)

Continue reading...