Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NASA CDF库src/lib/cdfread64.c文件栈溢出漏洞
Vulnerability Description
通用数据格式(CDF)是由NASA戈达德航天飞行中心开发的用于存储和操控标量和多维数据的数据格式。 CDF库在打开无效的CDF输入文件时存在栈溢出漏洞,允许攻击者在使用该库的应用程序环境中执行任意指令或导致整个应用程序崩溃。 漏洞存在于src/lib/cdfread64.c文件的以下代码中。Read32s_64函数将数据从文件读取到缓冲区,temp缓冲区大小为MAX_READ32s,但没有检查count参数,因此大于MAX_READ32s的参数可能会触发栈溢出。 /----------- 57 STATI
CVSS Information
N/A
Vulnerability Type
N/A