Vulnerabilities > CVE-2018-17237 - Divide By Zero vulnerability in Hdfgroup Hdf5

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

hdfgroup

CWE-369

NVD

Published: 2018-09-20

Updated: 2023-08-09

Summary

A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.

Vulnerable Configurations

Part	Description	Count
Application	Hdfgroup Hdfgroup Hdf5 1.4.0 Hdfgroup Hdf5 1.4.1 Hdfgroup Hdf5 1.4.2 Hdfgroup Hdf5 1.4.3 Hdfgroup Hdf5 1.4.4 Hdfgroup Hdf5 1.4.5 Hdfgroup Hdf5 1.6.0 Hdfgroup Hdf5 1.6.1 Hdfgroup Hdf5 1.6.2 Hdfgroup Hdf5 1.6.3 Hdfgroup Hdf5 1.6.4 Hdfgroup Hdf5 1.6.5 Hdfgroup Hdf5 1.6.6 Hdfgroup Hdf5 1.6.7 Hdfgroup Hdf5 1.6.8 Hdfgroup Hdf5 1.6.9 Hdfgroup Hdf5 1.6.10 Hdfgroup Hdf5 1.8.0 Hdfgroup Hdf5 1.8.1 Hdfgroup Hdf5 1.8.2 Hdfgroup Hdf5 1.8.3 Hdfgroup Hdf5 1.8.4 Hdfgroup Hdf5 1.8.5 Hdfgroup Hdf5 1.8.6 Hdfgroup Hdf5 1.8.7 Hdfgroup Hdf5 1.8.8 Hdfgroup Hdf5 1.8.9 Hdfgroup Hdf5 1.8.10 Hdfgroup Hdf5 1.8.11 Hdfgroup Hdf5 1.8.12 Hdfgroup Hdf5 1.8.13 Hdfgroup Hdf5 1.8.14 Hdfgroup Hdf5 1.8.15 Hdfgroup Hdf5 1.8.16 Hdfgroup Hdf5 1.8.17 Hdfgroup Hdf5 1.8.18 Hdfgroup Hdf5 1.8.19 Hdfgroup Hdf5 1.8.20 Hdfgroup Hdf5 1.10.0 Hdfgroup Hdf5 1.10.1 Hdfgroup Hdf5 1.10.2 Hdfgroup Hdf5 1.10.3	42

Common Weakness Enumeration (CWE)

CWE-369 - Divide By Zero

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References