CVE-2008-2080

Name of the Vulnerable Software and Affected Versions Common Data Format (CDF) library versions prior to 3.2.1

Description The issue is related to a stack-based buffer overflow in the Read32s 64 function, which can be exploited by context-dependent attackers to execute arbitrary code. This can be achieved through a .cdf file containing crafted length tags.

Recommendations For versions prior to 3.2.1, update to version 3.2.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of .cdf files from untrusted sources to minimize the risk of exploitation.