EUVD-2019-10619

Malware in sbrugna...

Heap-Based Buffer Overflow

libmysofa.so is vulnerable to heap-based buffer overflow. The lack of size check in the readOHDRHeaderMessageDataLayout function in dataobject.c causes a heap-based buffer overflow which could result in an application crash...

Buffer overflow

Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA...

CVE-2020-36152

Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA...

PT-2021-11934 · Symonics +2 · Libmysofa +2

Name of the Vulnerable Software and Affected Versions: Symonics libmysofa versions 0.5 through 1.1 Description: The issue allows attackers to execute arbitrary code via a crafted SOFA file, due to a buffer overflow in the readDataVar function in hdf/dataobject.c. Recommendations: For versions 0.5...

CVE-2020-6860

libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute...

CVE-2020-6860

libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute...

Stack overflow

libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute...

CVE-2020-6860

libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute...

CVE-2019-20063

CVE-2019-20063 affects libmysofa prior to version 0.8, caused by an uninitialized use of memory in hdf/dataobject.c, demonstrated by mysofa2json. Several advisories confirm the issue and list it among CVEs fixed by updating to libmysofa 0.9.1 (openSUSE SU-2021-444/OSV entries; openSUSE backports)...

CVE-2019-20016

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...

Design/Logic Flaw

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...

CVE-2019-20016

CVE-2019-20016 affects libmysofa. Multiple connected sources confirm the issue arises from insufficient restriction of recursive function calls, demonstrated by stack consumption in readOHDRHeaderMessageDatatype (dataobject.c) and directblockRead (fractalhead.c). The vulnerability is addressed in...

CVE-2019-20016

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...

CVE-2019-16094

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c...

CVE-2019-16094

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c...

CVE-2019-16094

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c...

Design/Logic Flaw

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c...

CVE-2019-16094

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c...