Security Advisory

CVE-2018-3846

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-04-16 15:00:00

Last updated 2024-09-17 02:21:57

Assigner talos

State PUBLISHED

Description

In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.

← Browse all CVEs View on cve.org ↗