Heap-Based Buffer Over-Read Vulnerability in Mat_VarReadNextInfo4 Function of MATIO 1.5.17

Heap-Based Buffer Over-Read Vulnerability in Mat_VarReadNextInfo4 Function of MATIO 1.5.17

CVE-2019-17533 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.

Learn more about our Web Application Penetration Testing UK.