5 matches found
RHEL 8 : cfitsio (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cfitsio: Stack-based buffer overflow in ffghtb allows for potential code execution CVE-2018-3849 - In the...
CVE-2018-3849
In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...
CVE-2018-3846
In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...
CVE-2018-3846
In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...
PT-2018-16242 · Nasa +1 · Cfitsio +1
Name of the Vulnerable Software and Affected Versions: NASA CFITSIO version 3.42 Description: The issue is related to a stack-based buffer overflow in the ffghbn function when parsing specially crafted images via the library. This can lead to overwriting arbitrary data, potentially allowing an...