CVE-2018-3849

In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
Configurations

Configuration 1

cpe:2.3:a:nasa:cfitsio:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*

Information

Published : 2018-04-16 04:29

Updated : 2023-01-31 08:15


NVD link : CVE-2018-3849

Mitre link : CVE-2018-3849

Products Affected
No products.
CWE