Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-4332

Опубликовано: 18 нояб. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.9
CVSS3: 8.6

Описание

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

1.10.0-patch1+docs-1~exp5
devel

not-affected

1.10.0-patch1+docs-1~exp5
esm-apps/bionic

not-affected

1.10.0-patch1+docs-1~exp5
esm-apps/xenial

released

1.8.16+docs-4ubuntu1.1
esm-infra-legacy/trusty

released

1.8.11-5ubuntu7.1
precise

ignored

end of life
precise/esm

DNE

precise was needs-triage
trusty

released

1.8.11-5ubuntu7.1
trusty/esm

released

1.8.11-5ubuntu7.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 30%
0.0011
Низкий

6.9 Medium

CVSS2

8.6 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-4332

CVSS3: 8.6
redhat
около 9 лет назад

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.

nvd логотип

CVE-2016-4332

CVSS3: 8.6
nvd
около 9 лет назад

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.

debian логотип

CVE-2016-4332

CVSS3: 8.6
debian
около 9 лет назад

The library's failure to check if certain message types support a part ...

github логотип

GHSA-349c-4hpx-25pr

CVSS3: 8.6
github
больше 3 лет назад

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.

suse-cvrf логотип

SUSE-SU-2024:0882-1

suse-cvrf
почти 2 года назад

Security update for hdf5

EPSS

Процентиль: 30%
0.0011
Низкий

6.9 Medium

CVSS2

8.6 High

CVSS3