Download
| Alert*
oval:org.secpod.oval:def:116165
CFITSIO is a library of C and FORTRAN subroutines for reading and writing data files in FITS data format. CFITSIO simplifies the task of writing software that deals with FITS files by providing an easy to use set of high-level routines that insulate the programmer from the internal complexities of ... oval:org.secpod.oval:def:2001224 In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution. |