Unrated severityNVD Advisory· Published May 6, 2008· Updated Apr 23, 2026
CVE-2008-2080
CVE-2008-2080
Description
Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.
Affected products
11cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:*:*:*:*:*:*:*:*range: <=3.2
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:nasa_goddard_space_flight_center:common_data_format:3.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.coresecurity.comnvdExploitPatch
- cdf.gsfc.nasa.gov/CDF32_buffer_overflow.htmlnvd
- secunia.com/advisories/30053nvd
- secunia.com/advisories/30169nvd
- security.gentoo.org/glsa/glsa-200805-14.xmlnvd
- www.securityfocus.com/bid/29045nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2008/1440/referencesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/42219nvd
News mentions
0No linked articles in our index yet.