cpe:/a:unrtf_project:unrtf:0.21.9 CVE-2016-10091 2017-04-21T11:59:00.270-04:00 2017-04-25T17:03:46.143-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2017-04-25T16:30:15.923-04:00 BID 95173 MLIST [oss-security] 20161231 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions MLIST [oss-security] 20170101 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions CONFIRM http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1409546 Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function.