| Description: | Eric Sesterhenn, from X41 D-Sec GmbH, discovered several vulnerabilities in tnef, a tool used to unpack MIME attachments of type 'application/ms-tnef'. Multiple heap overflows, type confusions and out of bound reads and writes could be exploited by tricking a user into opening a malicious attachment. This would result in denial of service via application crash, or potential arbitrary code execution. |