Vulnerability Spotlight: Three vulnerabilities in HDF5 file format could lead to remote code execution | allinfosecnews.com

Aug. 16, 2022, 2:03 p.m. | Jon Munshaw (noreply@blogger.com)

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com

Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.

Cisco Talos recently discovered three vulnerabilities in a library that works with the HDF5 file format that could allow an attacker to execute remote code on a targeted device.

These issues arise in the libhdf5 gif2h5 tool that’s normally used to convert a GIF file to the HDF5 format, commonly used to store large amounts of numerical data. An attacker could exploit these vulnerabilities by tricking a user …

code code execution remote code execution spotlight vulnerabilities vulnerability

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation? 18 hours ago | blog.talosintelligence.com

account blocked court disinformation +8

OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal 2 days ago | blog.talosintelligence.com

cisco cisco talos code confidential +20

Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials 3 days ago | blog.talosintelligence.com

attacks brute brute-force cisco +24

The internet is already scary enough without April Fool’s jokes 1 week ago | blog.talosintelligence.com

april backdoor community internet +7

Vulnerability in some TP-Link routers could lead to factory reset 1 week, 1 day ago | blog.talosintelligence.com

amd directx driver factory +10

April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution 1 week, 2 days ago | blog.talosintelligence.com

april code code execution critical +10

Starry Addax targets human rights defenders in North Africa with new malware 1 week, 3 days ago | blog.talosintelligence.com

activists actor africa cisco +18

There are plenty of ways to improve cybersecurity that don’t involve making workers return to … 2 weeks ago | blog.talosintelligence.com

actions april cybersecurity don +14

CoralRaider targets victims’ data and social media accounts 2 weeks, 1 day ago | blog.talosintelligence.com

accounts actor calling cisco +14

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Information Security Manager & ISSO

@ Federal Reserve System | Minneapolis, MN

View on infosec-jobs.com

Forensic Lead

@ Arete | Hyderabad

View on infosec-jobs.com

Lead Security Risk Analyst (GRC)

@ Justworks, Inc. | New York City

View on infosec-jobs.com

Consultant Senior en Gestion de Crise Cyber et Continuité d’Activité H/F

@ Hifield | Sèvres, France

View on infosec-jobs.com