EUVD-2008-2077

Malware in sbrugna...

Buffer overflow

Multiple buffer overflows in NASA Common Data Format CDF allow context-dependent attackers to execute arbitrary code, as demonstrated using 1 an array index error in the ReadAEDRList64 function, and other errors in the 2 SearchForRecordr64, 3 LastRecord64, 4 CDFsel64, and other unspecified...

CDF库src/lib/cdfread64.c文件栈溢出漏洞

BUGTRAQ ID: 29045 CVECAN ID: CVE-2008-2080 通用数据格式（CDF）是由NASA戈达德航天飞行中心开发的用于存储和操控标量和多维数据的数据格式。 CDF库在打开无效的CDF输入文件时存在栈溢出漏洞，允许攻击者在使用该库的应用程序环境中执行任意指令或导致整个应用程序崩溃。 漏洞存在于src/lib/cdfread64.c文件的以下代码中。Read32s64函数将数据从文件读取到缓冲区，temp缓冲区大小为MAXREAD32s，但没有检查count参数，因此大于MAXREAD32s的参数可能会触发栈溢出。 /----------- 57...

Stack overflow

Stack-based buffer overflow in the Read32s64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format CDF library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags...