{"id":"CVE-2017-8911","details":"An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.","modified":"2026-05-18T11:37:30.667423Z","published":"2017-05-12T07:29:00.313Z","related":["openSUSE-SU-2024:11467-1"],"references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3869"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201708-02"},{"type":"FIX","url":"https://github.com/verdammelt/tnef/issues/23"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/verdammelt/tnef","events":[{"introduced":"0"},{"last_affected":"5af0791db67d50ce5ebc16252626c679bb4079fb"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"1.4.14"}],"cpe":"cpe:2.3:a:tnef_project:tnef:1.4.14:*:*:*:*:*:*:*"}}],"versions":["1.4.14","1.4.12","TNEF-1.4.11","1.4.11","TNEF-1.4.10","1.4.10"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-8911.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}