High severity7.5NVD Advisory· Published Jan 30, 2017· Updated May 13, 2026

CVE-2016-7544

Description

Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _freea functions. The library will request a block of memory to align a table in memory. If the table is later reallocated, then the wrong pointer could be freed.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2016/09/23/5nvdMailing ListPatchThird Party Advisory
www.openwall.com/lists/oss-security/2016/09/23/9nvdMailing ListPatchThird Party Advisory
github.com/weidai11/cryptopp/issues/302nvdIssue TrackingPatchThird Party Advisory
www.securityfocus.com/bid/93164nvdThird Party AdvisoryVDB Entry
www.cryptopp.com/release565.htmlnvdRelease NotesVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000