PT-2020-19272 · Libmysofa+2 · Libmysofa+2

Fuzzme-Ops

Published

2020-01-10

Updated

2022-02-20

CVE-2020-6860

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions libmysofa version 0.9.1

Description The issue is a stack-based buffer overflow that occurs in the readDataVar function in hdf/dataobject.c when reading a header message attribute.

Recommendations For libmysofa version 0.9.1, consider applying a patch or fix to address the buffer overflow issue in the readDataVar function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2025-03920

CVE-2020-6860

OPENSUSE-SU-2021:0444-1

OPENSUSE-SU-2021:0459-1

OPENSUSE-SU-2021_0444-1

OPENSUSE-SU-2024:10960-1

Affected Products

Astra Linux

Suse

Libmysofa

PT-2020-19272 · Libmysofa+2 · Libmysofa+2

CVE-2020-6860

Weakness Enumeration

Related Identifiers

Affected Products

References · 44