Skip to main content

Unrtf

3 CVEs product

Monthly

CVE-2016-10091 HIGH PATCH This Week

Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Unrtf
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2014-9275 HIGH This Week

UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Unrtf
NVD
CVSS 2.0
7.5
EPSS
3.3%
CVE-2014-9274 HIGH POC This Week

{\cb-999999999". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Buffer Overflow Unrtf Fedora +2
NVD
CVSS 2.0
7.5
EPSS
5.9%
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Unrtf
NVD
EPSS 3% CVSS 7.5
HIGH This Week

UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +1
NVD
EPSS 6% CVSS 7.5
HIGH POC This Week

{\cb-999999999". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Buffer Overflow +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy