all InfoSec news
Vulnerability Spotlight: Three vulnerabilities in HDF5 file format could lead to remote code execution
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com
Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.
Cisco Talos recently discovered three vulnerabilities in a library that works with the HDF5 file format that could allow an attacker to execute remote code on a targeted device.
These issues arise in the libhdf5 gif2h5 tool that’s normally used to convert a GIF file to the HDF5 format, commonly used to store large amounts of numerical data. An attacker could exploit these vulnerabilities by tricking a user …
code code execution remote code execution spotlight vulnerabilities vulnerability