CVE-2018-3846

In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
Configurations

Configuration 1

cpe:2.3:a:nasa:cfitsio:3.42:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*

Information

Published : 2018-04-16 04:29

Updated : 2022-11-28 10:07


NVD link : CVE-2018-3846

Mitre link : CVE-2018-3846

Products Affected
No products.
CWE