CVE-2016-4333: Buffer Overflow
First published: Fri Nov 18 2016(Updated: )
The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HDF5 | =1.8.16 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-4333?
CVE-2016-4333 is classified as a high severity vulnerability due to potential out-of-bounds write conditions.
How do I fix CVE-2016-4333?
To fix CVE-2016-4333, upgrade the HDF5 library to version 1.8.17 or later.
What are the consequences of exploiting CVE-2016-4333?
Exploiting CVE-2016-4333 may allow an attacker to corrupt memory, potentially leading to arbitrary code execution.
Which versions of HDF5 are affected by CVE-2016-4333?
CVE-2016-4333 affects HDF5 version 1.8.16.
Is CVE-2016-4333 an issue in a specific environment?
CVE-2016-4333 primarily impacts environments that utilize HDF5 1.8.16 for large data processing.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/hdfgroup
- canonical/hdf5
- version/hdf5/1.8.16