{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92115?format=json","vulnerability_id":"VCID-zaqk-yw24-t7h1","summary":"Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.","aliases":[{"alias":"CVE-2010-5109"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586675?format=json","purl":"pkg:deb/debian/claws-mail@3.11.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.11.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1048999?format=json","purl":"pkg:deb/debian/claws-mail@3.11.1-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bx3-z5a9-vya5"},{"vulnerability":"VCID-921b-k4tj-k7gk"},{"vulnerability":"VCID-eqpn-zwjp-rkdf"},{"vulnerability":"VCID-vpby-tpg2-wygr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.11.1-3"},{"url":"http://public2.vulnerablecode.io/api/packages/584281?format=json","purl":"pkg:deb/debian/claws-mail@3.17.8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-185b-3s2q-1ffu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929382?format=json","purl":"pkg:deb/debian/libytnef@1.5-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1035503?format=json","purl":"pkg:deb/debian/libytnef@1.5-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-21bd-whcr-ekgv"},{"vulnerability":"VCID-2zd4-eyeq-27dd"},{"vulnerability":"VCID-4vcd-yfbf-2bew"},{"vulnerability":"VCID-4w5v-t22x-5khp"},{"vulnerability":"VCID-6bb4-nr6n-wufy"},{"vulnerability":"VCID-8esx-t2u5-e3hq"},{"vulnerability":"VCID-c3hk-hm71-eqdf"},{"vulnerability":"VCID-cx2k-skx9-j3c6"},{"vulnerability":"VCID-d529-bgrd-6ya7"},{"vulnerability":"VCID-d7md-3ueu-puhr"},{"vulnerability":"VCID-dnnp-fjbz-u7b6"},{"vulnerability":"VCID-efxj-4v6j-fbaa"},{"vulnerability":"VCID-j1fz-gkzw-qbc9"},{"vulnerability":"VCID-jhtz-myes-dua9"},{"vulnerability":"VCID-mhyf-fp38-u3de"},{"vulnerability":"VCID-nrgn-8ky2-pyec"},{"vulnerability":"VCID-qjgm-8c1m-qbfg"},{"vulnerability":"VCID-qkuz-r9a9-vqbx"},{"vulnerability":"VCID-sag4-mswc-hbg5"},{"vulnerability":"VCID-uar8-sxnf-efhs"},{"vulnerability":"VCID-ujwn-5uux-gygu"},{"vulnerability":"VCID-vbsd-6wyd-qfgp"},{"vulnerability":"VCID-vsdy-7eh2-8yc9"},{"vulnerability":"VCID-z8rr-5xpx-eqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6"},{"url":"http://public2.vulnerablecode.io/api/packages/929383?format=json","purl":"pkg:deb/debian/libytnef@1.9.3-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929381?format=json","purl":"pkg:deb/debian/libytnef@2.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929384?format=json","purl":"pkg:deb/debian/libytnef@2.1.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@2.1.2-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035405?format=json","purl":"pkg:deb/debian/claws-mail@3.5.0-2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bx3-z5a9-vya5"},{"vulnerability":"VCID-921b-k4tj-k7gk"},{"vulnerability":"VCID-eqpn-zwjp-rkdf"},{"vulnerability":"VCID-p34h-zc38-63f1"},{"vulnerability":"VCID-vec3-q1tz-sqfr"},{"vulnerability":"VCID-vpby-tpg2-wygr"},{"vulnerability":"VCID-zaqk-yw24-t7h1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.5.0-2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035406?format=json","purl":"pkg:deb/debian/claws-mail@3.7.6-4%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bx3-z5a9-vya5"},{"vulnerability":"VCID-921b-k4tj-k7gk"},{"vulnerability":"VCID-eqpn-zwjp-rkdf"},{"vulnerability":"VCID-p34h-zc38-63f1"},{"vulnerability":"VCID-vec3-q1tz-sqfr"},{"vulnerability":"VCID-vpby-tpg2-wygr"},{"vulnerability":"VCID-zaqk-yw24-t7h1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.7.6-4%252Bsqueeze1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035407?format=json","purl":"pkg:deb/debian/claws-mail@3.7.6-4%2Bsqueeze2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bx3-z5a9-vya5"},{"vulnerability":"VCID-921b-k4tj-k7gk"},{"vulnerability":"VCID-eqpn-zwjp-rkdf"},{"vulnerability":"VCID-p34h-zc38-63f1"},{"vulnerability":"VCID-vec3-q1tz-sqfr"},{"vulnerability":"VCID-vpby-tpg2-wygr"},{"vulnerability":"VCID-zaqk-yw24-t7h1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.7.6-4%252Bsqueeze2"},{"url":"http://public2.vulnerablecode.io/api/packages/1035408?format=json","purl":"pkg:deb/debian/claws-mail@3.8.1-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bx3-z5a9-vya5"},{"vulnerability":"VCID-921b-k4tj-k7gk"},{"vulnerability":"VCID-eqpn-zwjp-rkdf"},{"vulnerability":"VCID-p34h-zc38-63f1"},{"vulnerability":"VCID-vpby-tpg2-wygr"},{"vulnerability":"VCID-zaqk-yw24-t7h1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.8.1-2%252Bdeb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1048998?format=json","purl":"pkg:deb/debian/claws-mail@3.10.1-2~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bx3-z5a9-vya5"},{"vulnerability":"VCID-921b-k4tj-k7gk"},{"vulnerability":"VCID-eqpn-zwjp-rkdf"},{"vulnerability":"VCID-vpby-tpg2-wygr"},{"vulnerability":"VCID-zaqk-yw24-t7h1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.10.1-2~bpo70%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035500?format=json","purl":"pkg:deb/debian/libytnef@1.5-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-21bd-whcr-ekgv"},{"vulnerability":"VCID-2zd4-eyeq-27dd"},{"vulnerability":"VCID-4vcd-yfbf-2bew"},{"vulnerability":"VCID-4w5v-t22x-5khp"},{"vulnerability":"VCID-6bb4-nr6n-wufy"},{"vulnerability":"VCID-8esx-t2u5-e3hq"},{"vulnerability":"VCID-c3hk-hm71-eqdf"},{"vulnerability":"VCID-cx2k-skx9-j3c6"},{"vulnerability":"VCID-d529-bgrd-6ya7"},{"vulnerability":"VCID-d7md-3ueu-puhr"},{"vulnerability":"VCID-dnnp-fjbz-u7b6"},{"vulnerability":"VCID-efxj-4v6j-fbaa"},{"vulnerability":"VCID-j1fz-gkzw-qbc9"},{"vulnerability":"VCID-jhtz-myes-dua9"},{"vulnerability":"VCID-mhyf-fp38-u3de"},{"vulnerability":"VCID-nrgn-8ky2-pyec"},{"vulnerability":"VCID-qjgm-8c1m-qbfg"},{"vulnerability":"VCID-qkuz-r9a9-vqbx"},{"vulnerability":"VCID-sag4-mswc-hbg5"},{"vulnerability":"VCID-uar8-sxnf-efhs"},{"vulnerability":"VCID-ujwn-5uux-gygu"},{"vulnerability":"VCID-vbsd-6wyd-qfgp"},{"vulnerability":"VCID-vsdy-7eh2-8yc9"},{"vulnerability":"VCID-z8rr-5xpx-eqbb"},{"vulnerability":"VCID-zaqk-yw24-t7h1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035501?format=json","purl":"pkg:deb/debian/libytnef@1.5-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-21bd-whcr-ekgv"},{"vulnerability":"VCID-2zd4-eyeq-27dd"},{"vulnerability":"VCID-4vcd-yfbf-2bew"},{"vulnerability":"VCID-4w5v-t22x-5khp"},{"vulnerability":"VCID-6bb4-nr6n-wufy"},{"vulnerability":"VCID-8esx-t2u5-e3hq"},{"vulnerability":"VCID-c3hk-hm71-eqdf"},{"vulnerability":"VCID-cx2k-skx9-j3c6"},{"vulnerability":"VCID-d529-bgrd-6ya7"},{"vulnerability":"VCID-d7md-3ueu-puhr"},{"vulnerability":"VCID-dnnp-fjbz-u7b6"},{"vulnerability":"VCID-efxj-4v6j-fbaa"},{"vulnerability":"VCID-j1fz-gkzw-qbc9"},{"vulnerability":"VCID-jhtz-myes-dua9"},{"vulnerability":"VCID-mhyf-fp38-u3de"},{"vulnerability":"VCID-nrgn-8ky2-pyec"},{"vulnerability":"VCID-qjgm-8c1m-qbfg"},{"vulnerability":"VCID-qkuz-r9a9-vqbx"},{"vulnerability":"VCID-sag4-mswc-hbg5"},{"vulnerability":"VCID-uar8-sxnf-efhs"},{"vulnerability":"VCID-ujwn-5uux-gygu"},{"vulnerability":"VCID-vbsd-6wyd-qfgp"},{"vulnerability":"VCID-vsdy-7eh2-8yc9"},{"vulnerability":"VCID-z8rr-5xpx-eqbb"},{"vulnerability":"VCID-zaqk-yw24-t7h1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1035502?format=json","purl":"pkg:deb/debian/libytnef@1.5-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-21bd-whcr-ekgv"},{"vulnerability":"VCID-2zd4-eyeq-27dd"},{"vulnerability":"VCID-4vcd-yfbf-2bew"},{"vulnerability":"VCID-4w5v-t22x-5khp"},{"vulnerability":"VCID-6bb4-nr6n-wufy"},{"vulnerability":"VCID-8esx-t2u5-e3hq"},{"vulnerability":"VCID-c3hk-hm71-eqdf"},{"vulnerability":"VCID-cx2k-skx9-j3c6"},{"vulnerability":"VCID-d529-bgrd-6ya7"},{"vulnerability":"VCID-d7md-3ueu-puhr"},{"vulnerability":"VCID-dnnp-fjbz-u7b6"},{"vulnerability":"VCID-efxj-4v6j-fbaa"},{"vulnerability":"VCID-j1fz-gkzw-qbc9"},{"vulnerability":"VCID-jhtz-myes-dua9"},{"vulnerability":"VCID-mhyf-fp38-u3de"},{"vulnerability":"VCID-nrgn-8ky2-pyec"},{"vulnerability":"VCID-qjgm-8c1m-qbfg"},{"vulnerability":"VCID-qkuz-r9a9-vqbx"},{"vulnerability":"VCID-sag4-mswc-hbg5"},{"vulnerability":"VCID-uar8-sxnf-efhs"},{"vulnerability":"VCID-ujwn-5uux-gygu"},{"vulnerability":"VCID-vbsd-6wyd-qfgp"},{"vulnerability":"VCID-vsdy-7eh2-8yc9"},{"vulnerability":"VCID-z8rr-5xpx-eqbb"},{"vulnerability":"VCID-zaqk-yw24-t7h1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-4"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-5109","reference_id":"","reference_type":"","scores":[{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79193","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.792","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79223","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79209","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79234","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79242","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79266","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79239","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79262","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79263","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79298","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79304","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79322","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79335","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79355","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79373","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79374","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79391","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-5109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5109"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705468","reference_id":"705468","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705468"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771360","reference_id":"771360","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771360"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zaqk-yw24-t7h1"}