← back
CVE-2009-3721

CVE-2009-3721

EPSS 1.6%CWE-22
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
26 May 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.
Affected products
n/a · ytnef

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →