10 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-3849
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data...
RHEL 8 : cfitsio (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cfitsio: Stack-based buffer overflow in ffghtb allows for potential code execution CVE-2018-3849 - In the...
Mageia: Security Advisory (MGASA-2019-0133)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-202101-24 : cfitsio: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202101-24 cfitsio: Multiple vulnerabilities Multiple vulnerabilities have been discovered in cfitsio. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for detail...
Buffer overflow
NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. The attack vector is: remote unauthenticated attacker. The fixed version is: 3.43. NOTE: this CVE refers to the issues not covered by...
CVE-2018-3849
In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...
Fedora 28 : cfitsio (2019-3c1aed2aa9)
This update backports security fixes from cfitsio 3.440 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
CVE-2018-3849
In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...
CVE-2018-3849
CFITSIO 3.42 contains a stack-based buffer overflow in ffghtb() that can be triggered by a crafted FIT image, potentially allowing remote code execution. The connected notes indicate this CVE (CVE-2018-3849) is discussed in unpatched advisories for some Linux distributions (e.g., Red Hat/UNPATCHE...
CVE-2018-3849
In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...