Paul Dreik discovered that TNEF incorrectly handled filenames. If a user were tricked into opening a specially crafted email attachment, an attacker could possibly use this issue to write arbitrary files to the filesystem or cause TNEF crash, resulting in a denial of service. (CVE-2019-18849)
from Ubuntu Security Notices https://ift.tt/35X1WCU
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.