Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-4331

Опубликовано: 18 нояб. 2016
Источник: debian

Описание

When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
hdf5fixed1.10.0-patch1+docs-1package

Примечания

  • http://www.talosintelligence.com/reports/TALOS-2016-0177/

  • Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/e1c4ec3d541eecda78b3afcb1a0fa071c4b52afa

  • Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/43ec23616697ce0ea3f99e40900fec55fe9107ef

Связанные уязвимости

ubuntu логотип

CVE-2016-4331

CVSS3: 8.6
ubuntu
около 9 лет назад

When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.

redhat логотип

CVE-2016-4331

CVSS3: 8.6
redhat
около 9 лет назад

When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.

nvd логотип

CVE-2016-4331

CVSS3: 8.6
nvd
около 9 лет назад

When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.

github логотип

GHSA-4hhr-jhmc-r3cj

CVSS3: 8.6
github
больше 3 лет назад

When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.