Candidate: CVE-2017-8911
PublicDate: 2017-05-12 07:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8911
Description:
 An integer underflow has been identified in the unicode_to_utf8() function
 in tnef 1.4.14. This might lead to invalid write operations, controlled by
 an attacker.
Ubuntu-Description:
Notes:
Bugs:
 https://github.com/verdammelt/tnef/issues/23
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_tnef:
upstream_tnef: needs-triage
precise/esm_tnef: DNE
trusty_tnef: released (1.4.9-1+deb8u3build0.14.04.1)
trusty/esm_tnef: DNE (trusty was released [1.4.9-1+deb8u3build0.14.04.1])
vivid/stable-phone-overlay_tnef: DNE
vivid/ubuntu-core_tnef: DNE
xenial_tnef: released (1.4.9-1+deb8u3build0.16.04.1)
yakkety_tnef: released (1.4.9-1+deb8u3build0.16.10.1)
zesty_tnef: released (1.4.12-1ubuntu0.1)
devel_tnef: not-affected (1.4.12-1.2)