Vulnerabilities > CVE-2019-20016 - Out-of-bounds Write vulnerability in Symonics Libmysofa

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
symonics
CWE-787
NVD
Published: 2019-12-27
Updated: 2020-01-08

Summary

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue.

Vulnerable Configurations

Part Description Count
Application
Symonics
8

Common Weakness Enumeration (CWE)

References