An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker.
https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
https://security.gentoo.org/glsa/201708-02
https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d
https://github.com/verdammelt/tnef/blob/master/ChangeLog