VDB
GCVE-110-MAGEIA-2019-367
GCVE-110-MAGEIA-2019-367
Advisory Published
Updated tnef package fixes security vulnerability:
In tnef, an attacker may be able to write to the victim's
.ssh/authorized_keys file via an e-mail message with a crafted
winmail.dat application/ms-tnef attachment, because of a heap-based
buffer over-read involving strdup (CVE-2019-18849).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | tnef | 0 (affected), 1.4.18-1.mga7 (unaffected) | — |
Aliases
References
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.