Eric Sesterhenn, from X41 D-Sec GmbH, discovered several vulnerabilities in tnef, a tool used to unpack MIME attachments of type "application/ms-tnef". Multiple heap overflows, type confusions and out of bound reads and writes could be exploited by tricking a user into opening a malicious attachment. This would result in denial of service via application crash, or potential arbitrary code execution.
URL: (none) => https://www.debian.org/security/2017/dsa-3798
Thanks for your concern, Zombie, but this already got fixed *** This bug has been marked as a duplicate of bug 20343 ***
CC: (none) => marja11Resolution: (none) => DUPLICATEStatus: NEW => RESOLVED