CVE-2018-3846

In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:nasa:cfitsio:3.42:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*

Information

Published : 2018-04-16 09:29

Updated : 2022-11-28 14:07


NVD link : CVE-2018-3846

Mitre link : CVE-2018-3846


JSON object : View

CWE
CWE-787

Out-of-bounds Write

Advertisement

dedicated server usa

Products Affected

nasa

  • cfitsio

fedoraproject

  • fedora