Vulnerabilities > CVE-2019-20016 - Out-of-bounds Write vulnerability in Symonics Libmysofa

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
symonics
CWE-787
NVD
Published: 2019-12-27
Updated: 2020-01-08

Summary

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue.

Vulnerable Configurations

Part Description Count
Application
Symonics
8

Common Weakness Enumeration (CWE)

References