VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 104 of 549
  • CVE-2017-9872HigJun 25, 2017
    risk 0.54cvss 7.8epss 0.10

    The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a…

  • CVE-2017-3629HigJun 22, 2017
    risk 0.54cvss 7.8epss 0.05

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to…

  • CVE-2017-1000366HigJun 19, 2017
    risk 0.54cvss 7.8epss 0.03

    glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent…

  • CVE-2017-9756HigJun 19, 2017
    risk 0.54cvss 7.8epss 0.08

    The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of…

  • CVE-2017-9750HigJun 19, 2017
    risk 0.54cvss 7.8epss 0.08

    opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by…

  • CVE-2017-9749HigJun 19, 2017
    risk 0.54cvss 7.8epss 0.09

    The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during…

  • CVE-2017-9748HigJun 19, 2017
    risk 0.54cvss 7.8epss 0.08

    The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via…

  • CVE-2017-9747HigJun 19, 2017
    risk 0.54cvss 7.8epss 0.08

    The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact…

  • CVE-2017-9746HigJun 19, 2017
    risk 0.54cvss 7.8epss 0.09

    The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing…

  • CVE-2017-9742HigJun 19, 2017
    risk 0.54cvss 7.8epss 0.08

    The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file…

  • CVE-2017-2799HigMay 24, 2017
    risk 0.54cvss 8.3epss 0.01

    An exploitable heap corruption vulnerability exists in the AddSst functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send or provide a malicious…

  • CVE-2017-2798HigMay 24, 2017
    risk 0.54cvss 8.3epss 0.01

    An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send or provide a…

  • CVE-2017-8311HigMay 23, 2017
    risk 0.54cvss 7.8epss 0.09

    Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.

  • CVE-2017-2797HigMay 23, 2017
    risk 0.54cvss 8.3epss 0.01

    An exploitable heap overflow vulnerability exists in the ParseEnvironment functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6.

  • CVE-2017-2794HigMay 23, 2017
    risk 0.54cvss 8.3epss 0.01

    An exploitable stack-based buffer overflow vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a stack corruption resulting in arbitrary code execution. An attacker can…

  • CVE-2017-2793HigMay 23, 2017
    risk 0.54cvss 8.3epss 0.01

    An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide…

  • CVE-2017-2783HigMay 23, 2017
    risk 0.54cvss 8.3epss 0.01

    An exploitable heap corruption vulnerability exists in the FillRowFormat functionality of Antenna House DMC HTMLFilter that is shipped with MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can…

  • CVE-2017-6999HigMay 22, 2017
    risk 0.54cvss 7.8epss 0.05

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause…

  • CVE-2017-6998HigMay 22, 2017
    risk 0.54cvss 7.8epss 0.04

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause…

  • CVE-2017-6997HigMay 22, 2017
    risk 0.54cvss 7.8epss 0.05

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause…