CVE-2018-3849

In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:nasa:cfitsio:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*

Information

Published : 2018-04-16 09:29

Updated : 2023-01-31 12:15


NVD link : CVE-2018-3849

Mitre link : CVE-2018-3849


JSON object : View

CWE
CWE-787

Out-of-bounds Write

Advertisement

dedicated server usa

Products Affected

nasa

  • cfitsio

fedoraproject

  • fedora