In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nasa cfitsio |
||
fedoraproject fedora 28 |