EUVD-2009-2840

Malware in sbrugna...

CVE-2009-2850

Multiple buffer overflows in NASA Common Data Format CDF allow context-dependent attackers to execute arbitrary code, as demonstrated using 1 an array index error in the ReadAEDRList64 function, and other errors in the 2 SearchForRecordr64, 3 LastRecord64, 4 CDFsel64, and other unspecified...

CVE-2014-3480

The cdfcountchain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service application crash via a crafted CDF file...

UBUNTU-CVE-2014-0207

The cdfreadshortsector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted CDF file...

CVE-2009-2850

Multiple buffer overflows in NASA Common Data Format CDF allow context-dependent attackers to execute arbitrary code, as demonstrated using 1 an array index error in the ReadAEDRList64 function, and other errors in the 2 SearchForRecordr64, 3 LastRecord64, 4 CDFsel64, and other unspecified...

CVE-2009-2850

CVE-2009-2850 relates to multiple heap/buffer overflows in NASA’s Common Data Format (CDF) library. The vulnerabilities are triggered by issues in functions such as ReadAEDRList64, SearchForRecord_r_64, LastRecord64, and CDFsel64, allowing context-dependent attackers to potentially execute arbitr...

CVE-2009-2850

Multiple buffer overflows in NASA Common Data Format CDF allow context-dependent attackers to execute arbitrary code, as demonstrated using 1 an array index error in the ReadAEDRList64 function, and other errors in the 2 SearchForRecordr64, 3 LastRecord64, 4 CDFsel64, and other unspecified...

CDF: User-assisted execution of arbitrary code

Background CDF is a library for the Common Data Format which is a self-describing data format for the storage and manipulation of scalar and multidimensional data. It is developed by the NASA. Description Leon Juranic reported multiple heap-based buffer overflows for instance in the ReadAEDRList6...

[INFIGO-2009-07-09]: NASA Common Data Format remote buffer overflow(s)

=================================================================== 'Celebrating 40 years of Apollo and 20 years of buffer overflows' =================================================================== INFIGO IS Security Advisory ADV-2009-07-09 http://www.infigo.hr/en/ Title: NASA Common Data...

Gentoo Security Advisory GLSA 200805-14 (cdf)

The remote host is missing updates announced in advisory GLSA 200805-14. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200805-14 (cdf)

The remote host is missing updates announced in advisory GLSA 200805-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

GLSA-200805-14 : Common Data Format library: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200805-14 Common Data Format library: User-assisted execution of arbitrary code Alfredo Ortega Core Security Technologies reported a boundary error within the Read32s64 function when processing CDF files. Impact : A remote attacke...

[ GLSA 200805-14 ] Common Data Format library: User-assisted execution of arbitrary code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200805-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...

Core Security Technologies Advisory 2008.0326

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ NASA's Common Data Format buffer overflow Advisory Information Title: NASA's Common Data Format buffer overflow Advisory ID: CORE-2008-0326 Advisory URL:...

NASA's Common Data Format Buffer Overflow

Advisory ID Internal CORE-2008-0326 Advisory Information: Advisory ID: CORE-2008-0326 Advisory URL:https://www.coresecurity.com/?action=item&id=2260 Date published: 2008-05-05 Date of last update: 2008-05-05 Vendors contacted: GODDARD Space Flight Center Release mode: Coordinated release...