SUSE CVE-2018-3848

In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...

OESA-2022-1848 cfitsio security update

Security Fixes: In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.CVE-2018-3849 In...

OESA-2022-1533 cfitsio security update

Library for manipulating FITS data files. Security Fixes: In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and...

NASA CFITSIO 'ffghbn' Function Heap Buffer Overflow Vulnerability

NASA CFITSIO is a FITS file subroutine library for reading and writing data files in FITS Flexible Image Transfer System format. A heap buffer overflow vulnerability exists in the 'ffghbn' function in NASA CFITSIO version 3.42. An attacker could exploit this vulnerability by sending a FIT image t...

CVE-2018-3848

CVE-2018-3848 affects NASA CFITSIO before 3.43 (CFITSIO 3.42 in the report). The vulnerability is a stack-based buffer overflow in the ffghbn function that can be triggered by specially crafted FITS images parsed by the library, potentially leading to arbitrary code execution. The initial documen...

PT-2018-16242 · Nasa +1 · Cfitsio +1

Name of the Vulnerable Software and Affected Versions: NASA CFITSIO version 3.42 Description: The issue is related to a stack-based buffer overflow in the ffghbn function when parsing specially crafted images via the library. This can lead to overwriting arbitrary data, potentially allowing an...