PT-2018-12244 · Hdf · Hdf5
Publicado
2018-07-10
·
Atualizado
2020-08-24
·
CVE-2018-13876
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
HDF5 version 1.8.20
Description
A stack-based buffer overflow issue was found in the HDF5 library, specifically in the H5FD sec2 read function located in H5FDsec2.c. This issue is related to the HDread function.
Recommendations
For version 1.8.20, consider applying a patch or fix that addresses the buffer overflow in the H5FD sec2 read function as a permanent solution. As a temporary workaround, restrict access to the H5FD sec2 read function to minimize the risk of exploitation.
Exploit
Correção
Memory Corruption
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Hdf5