Download
| Alert*
oval:org.secpod.oval:def:116165
CFITSIO is a library of C and FORTRAN subroutines for reading and writing data files in FITS data format. CFITSIO simplifies the task of writing software that deals with FITS files by providing an easy to use set of high-level routines that insulate the programmer from the internal complexities of ... oval:org.secpod.oval:def:2000939 In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution. |