Vulnerabilities > CVE-2017-17508 - Divide By Zero vulnerability in Hdfgroup Hdf5 1.10.1

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

hdfgroup

CWE-369

NVD

Published: 2017-12-11

Updated: 2017-12-19

Summary

In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

Vulnerable Configurations

Part	Description	Count
Application	Hdfgroup Hdfgroup Hdf5 1.10.1	1

Common Weakness Enumeration (CWE)

CWE-369 - Divide By Zero

References

https://github.com/xiaoqx/pocs/tree/master/hdf5/readme.md