CVE-2019-18849

Posted on 2019년 11월 11일2019년 11월 11일 by admin

CVE-2019-18849

In tnef before 1.4.18, an attacker may be able to write to the victim’s .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup.

Source: CVE-2019-18849

답글 남기기 응답 취소