Nasa Goddard Space Flight Center : Security Vulnerabilities, CVEs, (Overflow) CVSS score >= 2
Multiple buffer overflows in NASA Common Data Format (CDF) allow context-dependent attackers to execute arbitrary code, as demonstrated using (1) an array index error in the ReadAEDRList64 function, and other errors in the (2) SearchForRecord_r_64, (3) LastRecord64, (4) CDFsel64, and other unspecified functions.
Max CVSS
9.3
EPSS Score
0.09%
Published
2009-08-18
Updated
2009-08-21
Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.
Max CVSS
7.5
EPSS Score
1.73%
Published
2008-05-06
Updated
2017-08-08
2 vulnerabilities found