Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-4332

Опубликовано: 18 нояб. 2016
Источник: debian

Описание

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
hdf5fixed1.10.0-patch1+docs-1package

Примечания

  • http://www.talosintelligence.com/reports/TALOS-2016-0178/

  • Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/e1d50d498a0affbbd6e088b524fd495ea95dea88

Связанные уязвимости

ubuntu логотип

CVE-2016-4332

CVSS3: 8.6
ubuntu
около 9 лет назад

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.

redhat логотип

CVE-2016-4332

CVSS3: 8.6
redhat
около 9 лет назад

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.

nvd логотип

CVE-2016-4332

CVSS3: 8.6
nvd
около 9 лет назад

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.

github логотип

GHSA-349c-4hpx-25pr

CVSS3: 8.6
github
больше 3 лет назад

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.

suse-cvrf логотип

SUSE-SU-2024:0882-1

suse-cvrf
почти 2 года назад

Security update for hdf5