6 matches found
CVE-2016-4332
The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This...
Heap overflow
The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This...
Out-of-bounds
The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...
CVE-2016-4333
The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...
CVE-2016-4332
CVE-2016-4332 describes a vulnerability in the HDF5 library (Shareable Message Type code path) where failure to verify message-type support can cause the library to cast structures and write outside bounds, yielding a heap-buffer overflow and potential code execution under the library context. Th...
CVE-2016-4331
CVE-2016-4331 (HDF5) affects the HDF5 1.8.16 library, specifically the H5Z_NBIT decoding path. A flaw in bounds/precision checks can lead to arbitrary code execution with high impact when decoding untrusted data. This is part of a set of related issues (CVE-2016-4330/4331/4332/4333) tied to HDF5 ...