CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Hdfgroup » Hdf5 : Security Vulnerabilities Published In 2018 (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-17438 369 DoS 2018-09-24 2018-11-09
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
2 CVE-2018-17437 772 DoS 2018-09-24 2019-10-02
4.3
None Remote Medium Not required None None Partial
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
3 CVE-2018-17436 787 DoS 2018-09-24 2018-11-09
4.3
None Remote Medium Not required None None Partial
ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
4 CVE-2018-17435 125 DoS 2018-09-24 2019-10-02
4.3
None Remote Medium Not required None None Partial
A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.
5 CVE-2018-17434 369 DoS 2018-09-24 2018-11-28
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
6 CVE-2018-17433 119 DoS Overflow 2018-09-24 2018-11-09
4.3
None Remote Medium Not required None None Partial
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
7 CVE-2018-17432 476 DoS 2018-09-24 2018-11-09
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
8 CVE-2018-17234 772 DoS 2018-09-20 2019-10-02
4.3
None Remote Medium Not required None None Partial
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
9 CVE-2018-17233 369 DoS 2018-09-20 2018-11-21
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
10 CVE-2018-15671 400 DoS 2018-08-21 2018-10-16
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service.
11 CVE-2018-11207 369 DoS 2018-05-16 2018-08-29
4.3
None Remote Medium Not required None None Partial
A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
12 CVE-2018-11206 125 DoS 2018-05-16 2018-08-29
5.8
None Remote Medium Not required Partial None Partial
An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
13 CVE-2018-11205 125 DoS 2018-05-16 2018-06-15
5.8
None Remote Medium Not required Partial None Partial
A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
14 CVE-2018-11204 476 DoS 2018-05-16 2018-06-15
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
15 CVE-2018-11203 369 DoS 2018-05-16 2018-06-15
4.3
None Remote Medium Not required None None Partial
A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
16 CVE-2018-11202 476 DoS 2018-05-16 2018-06-18
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
Total number of vulnerabilities : 16   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.