CVE-2016-4330

High CVSS 8.6

Overview

In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution.

CWE: CWE-119 Published: 2016-11-18T20:59:00.317

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 8.6 (HIGH)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags