Home arrow US-CERT Computer Emergency Readiness Team arrow Common Data Format Buffer Overflow Vulnerability

Common Data Format Buffer Overflow Vulnerability

NASA has issued an advisoryadvisory regarding a vulnerability in Common Data Format (CDF) version 3.2 and earlier. This vulnerability is due to a buffer overflow condition in the handling of specially-crafted CDF files. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.

US-CERT encourages users to review the NASA advisoryadvisory and update to CDF 3.2.1 to help mitigate the risk.

US-CERT will provide additional information as it becomes available.

Read more: US-CERT Current Activity