Christian Hoene

CVE-2019-10672 WRITEUP CRITICAL WRITEUP

Symonics Libmysofa < 0.7 - Improper Input Validation

treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions.

CVSS 9.8

View Code

CVE-2019-20016 WRITEUP MEDIUM WRITEUP

Symonics Libmysofa < 0.9 - Out-of-Bounds Write

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue.

CVSS 6.5

View Code

CVE-2021-3756 WRITEUP CRITICAL WRITEUP

libmysofa - Buffer Overflow

libmysofa is vulnerable to Heap-based Buffer Overflow

CVSS 9.8

View Code