Unrtf
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-10091 | | High | 0.49 | 7.5 | 0.03 | | Apr 21, 2017 | Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function. |
| CVE-2025-65411 | | | 0.00 | — | 0.01 | | Dec 30, 2025 | A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter. |
| CVE-2025-65410 | | | 0.00 | — | 0.00 | | Dec 23, 2025 | A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter. |
| CVE-2014-9275 | | | 0.00 | — | 0.05 | | Dec 9, 2014 | UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file. |
| CVE-2014-9274 | | | 0.00 | — | 0.06 | | Dec 9, 2014 | UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999". |
| CVE-2004-1297 | | | 0.00 | — | 0.06 | | Jan 10, 2005 | Buffer overflow in the process_font_table function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file. |