An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “5 of 9. Integer Overflow.”

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “4 of 9. Out of Bounds Reads.”

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “6 of 9. Invalid Write and Integer Overflow.”

The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function.

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “1 of 9. Null Pointer Deref / calloc return value not checked.”

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “8 of 9. Out of Bounds read and write.”

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “7 of 9. Out of Bounds read.”

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker.

An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker.

An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.