{"id":"CVE-2019-18849","details":"In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup.","modified":"2026-04-16T04:41:04.831729672Z","published":"2019-11-11T04:15:10.530Z","references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMKFSHPMOZL7MDWU5RYOTIBTRWSZ4Z6X/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7CPKBW4QZ4VIY4UXIUVUSHRJ4R2FROE/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00035.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00025.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4524-1/"},{"type":"FIX","url":"https://github.com/verdammelt/tnef/compare/1.4.17...1.4.18"},{"type":"FIX","url":"https://github.com/verdammelt/tnef/pull/40"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/verdammelt/tnef","events":[{"introduced":"0"},{"fixed":"8edd0e046736764c6decc8cd6e0e739438408f3e"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.4.18"}]}}],"versions":["1.4.10","1.4.11","1.4.12","1.4.14","1.4.15","1.4.16","1.4.17","TNEF-1.4.10","TNEF-1.4.11"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"30"}]},{"events":[{"introduced":"0"},{"last_affected":"31"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-18849.json","vanir_signatures":[{"id":"CVE-2019-18849-0c99bc39","source":"https://github.com/verdammelt/tnef/commit/8edd0e046736764c6decc8cd6e0e739438408f3e","signature_type":"Function","signature_version":"v1","digest":{"length":3966,"function_hash":"197527520806726047393812687626000968189"},"target":{"file":"src/main.c","function":"parse_cmdline"},"deprecated":false},{"id":"CVE-2019-18849-586681cd","source":"https://github.com/verdammelt/tnef/commit/8edd0e046736764c6decc8cd6e0e739438408f3e","signature_type":"Line","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["17390164876592905577376831902072063451","109240640345055473013296847978297599553","137785748995152623693204248295444430259","155667681579234382799527855881423726826"]},"target":{"file":"src/main.c"},"deprecated":false}],"vanir_signatures_modified":"2026-04-11T12:42:33Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}