In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file.
References
Link | Resource |
---|---|
https://github.com/xiaoqx/pocs/tree/master/hdf5/readme.md | Third Party Advisory |
Configurations
Information
Published : 2017-12-10 19:29
Updated : 2017-12-19 12:34
NVD link : CVE-2017-17509
Mitre link : CVE-2017-17509
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
hdfgroup
- hdf5