EUVD-2009-2840

Malware in sbrugna...

CVE-2009-2850

Multiple buffer overflows in NASA Common Data Format CDF allow context-dependent attackers to execute arbitrary code, as demonstrated using 1 an array index error in the ReadAEDRList64 function, and other errors in the 2 SearchForRecordr64, 3 LastRecord64, 4 CDFsel64, and other unspecified...

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

A vulnerability exists in the cdfcountchain function in the cdf.c file of the Fileinfo component in PHP, due to improper data validation for the sector counters. Exploitation of this vulnerability allows malicious actors to induce a service failure abnormal termination of the application by using...

CVE-2014-3480

The cdfcountchain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service application crash via a crafted CDF file...

UBUNTU-CVE-2014-0207

The cdfreadshortsector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted CDF file...

CVE-2009-2850

Multiple buffer overflows in NASA Common Data Format CDF allow context-dependent attackers to execute arbitrary code, as demonstrated using 1 an array index error in the ReadAEDRList64 function, and other errors in the 2 SearchForRecordr64, 3 LastRecord64, 4 CDFsel64, and other unspecified...

CVE-2009-2850

Multiple buffer overflows in NASA Common Data Format CDF allow context-dependent attackers to execute arbitrary code, as demonstrated using 1 an array index error in the ReadAEDRList64 function, and other errors in the 2 SearchForRecordr64, 3 LastRecord64, 4 CDFsel64, and other unspecified...

CVE-2009-2850

CVE-2009-2850 relates to multiple heap/buffer overflows in NASA’s Common Data Format (CDF) library. The vulnerabilities are triggered by issues in functions such as ReadAEDRList64, SearchForRecord_r_64, LastRecord64, and CDFsel64, allowing context-dependent attackers to potentially execute arbitr...

CDF: User-assisted execution of arbitrary code

Background CDF is a library for the Common Data Format which is a self-describing data format for the storage and manipulation of scalar and multidimensional data. It is developed by the NASA. Description Leon Juranic reported multiple heap-based buffer overflows for instance in the ReadAEDRList6...

[INFIGO-2009-07-09]: NASA Common Data Format remote buffer overflow(s)

=================================================================== 'Celebrating 40 years of Apollo and 20 years of buffer overflows' =================================================================== INFIGO IS Security Advisory ADV-2009-07-09 http://www.infigo.hr/en/ Title: NASA Common Data...

Gentoo Security Advisory GLSA 200805-14 (cdf)

The remote host is missing updates announced in advisory GLSA 200805-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200805-14 (cdf)

The remote host is missing updates announced in advisory GLSA 200805-14. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-200805-14 : Common Data Format library: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200805-14 Common Data Format library: User-assisted execution of arbitrary code Alfredo Ortega Core Security Technologies reported a boundary error within the Read32s64 function when processing CDF files. Impact : A remote attacke...

[ GLSA 200805-14 ] Common Data Format library: User-assisted execution of arbitrary code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200805-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...

Core Security Technologies Advisory 2008.0326

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ NASA's Common Data Format buffer overflow Advisory Information Title: NASA's Common Data Format buffer overflow Advisory ID: CORE-2008-0326 Advisory URL:...

NASA's Common Data Format Buffer Overflow

Advisory ID Internal CORE-2008-0326 Advisory Information: Advisory ID: CORE-2008-0326 Advisory URL:https://www.coresecurity.com/?action=item&id=2260 Date published: 2008-05-05 Date of last update: 2008-05-05 Vendors contacted: GODDARD Space Flight Center Release mode: Coordinated release...