CFITSIO Library Image Parsing Buffer Overflow Vulnerabilities

CFITSIO Library Image Parsing Buffer Overflow Vulnerabilities

CVE-2018-3847 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library, can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.

Learn more about our Web Application Penetration Testing UK.