VDB

GCVE-110-MAGEIA-2019-367

GCVE-110-MAGEIA-2019-367
Advisory Published
Vulnetix · Advisory published December 6, 2019
Updated tnef package fixes security vulnerability: In tnef, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup (CVE-2019-18849).

Affected Products

VendorProductVersionsPlatforms
Mageiatnef0 (affected), 1.4.18-1.mga7 (unaffected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›