CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Parents

CWE-118

Children

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (9,878)

page 104 of 494

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2017-14555	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at STDUDjVuFile!DllUnregisterServer+0x000000000000ec6e."
CVE-2017-14554	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Possible Stack Corruption starting at STDUDjVuFile!DllUnregisterServer+0x000000000000d908."
CVE-2017-14553	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x00000000000085f5."
CVE-2017-14552	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x000000000000d9a9."
CVE-2017-14551	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection starting at STDUDjVuFile!DllUnregisterServer+0x000000000000d9f2."
CVE-2017-14550	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Possible Stack Corruption starting at STDUDjVuFile!DllUnregisterServer+0x000000000000e8b8."
CVE-2017-14549	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "Heap Corruption starting at wow64!Wow64NotifyDebugger+0x000000000000001d."
CVE-2017-14548	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x000000000000854d."
CVE-2017-14547	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .mobi file, related to a "Read Access Violation starting at STDUMOBIFile!DllUnregisterServer+0x000000000002efc0."
CVE-2017-14546	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to an "Error Code (0xe06d7363) starting at wow64!Wow64NotifyDebugger+0x000000000000001d."
CVE-2017-14545	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection starting at STDUEPubFile!DllUnregisterServer+0x0000000000010332."
CVE-2017-14544	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at STDUEPubFile!DllUnregisterServer+0x000000000003fff1."
CVE-2017-14543	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection starting at STDUEPubFile!DllUnregisterServer+0x0000000000039335."
CVE-2017-14542	Stdutility Stdu Viewer	Hig	0.51	7.8	Sep 18, 2017	STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .epub file, related to a "Read Access Violation on Block Data Move starting at STDUEPubFile!DllUnregisterServer+0x0000000000010262."
CVE-2017-14541	Xnview Xnview	Hig	0.51	7.8	Sep 18, 2017	XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x000000000001f23e."
CVE-2017-14540	IrfanView Irfanview	Hig	0.51	7.8	Sep 18, 2017	IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e."
CVE-2017-14539	IrfanView Irfanview	Hig	0.51	7.8	Sep 18, 2017	IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x000000000011d767."
CVE-2017-14538	Xnview Xnview	Hig	0.51	7.8	Sep 18, 2017	XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at jbig2dec+0x0000000000008823."
CVE-2017-14497	Debian Debian Linux	Hig	0.51	7.8	Sep 15, 2017	The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system calls.
CVE-2017-7441	Sophos Hitmanpro	Hig	0.51	7.8	Sep 13, 2017	In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak occurs at the driver level, an attacker can use this vulnerability to leak some critical information about the machine such as nt!ExpPoolQuotaCookie.

CVE-2017-14555HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at STDUDjVuFile!DllUnregisterServer+0x000000000000ec6e."
CVE-2017-14554HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Possible Stack Corruption starting at STDUDjVuFile!DllUnregisterServer+0x000000000000d908."
CVE-2017-14553HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x00000000000085f5."
CVE-2017-14552HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x000000000000d9a9."
CVE-2017-14551HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection starting at STDUDjVuFile!DllUnregisterServer+0x000000000000d9f2."
CVE-2017-14550HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Possible Stack Corruption starting at STDUDjVuFile!DllUnregisterServer+0x000000000000e8b8."
CVE-2017-14549HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "Heap Corruption starting at wow64!Wow64NotifyDebugger+0x000000000000001d."
CVE-2017-14548HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x000000000000854d."
CVE-2017-14547HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .mobi file, related to a "Read Access Violation starting at STDUMOBIFile!DllUnregisterServer+0x000000000002efc0."
CVE-2017-14546HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to an "Error Code (0xe06d7363) starting at wow64!Wow64NotifyDebugger+0x000000000000001d."
CVE-2017-14545HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection starting at STDUEPubFile!DllUnregisterServer+0x0000000000010332."
CVE-2017-14544HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at STDUEPubFile!DllUnregisterServer+0x000000000003fff1."
CVE-2017-14543HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection starting at STDUEPubFile!DllUnregisterServer+0x0000000000039335."
CVE-2017-14542HigSep 18, 2017
Stdutility
Stdu Viewer
risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .epub file, related to a "Read Access Violation on Block Data Move starting at STDUEPubFile!DllUnregisterServer+0x0000000000010262."
CVE-2017-14541HigSep 18, 2017
Xnview
Xnview
risk 0.51cvss 7.8epss 0.00
XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x000000000001f23e."
CVE-2017-14540HigSep 18, 2017
IrfanView
Irfanview
risk 0.51cvss 7.8epss 0.00
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e."
CVE-2017-14539HigSep 18, 2017
IrfanView
Irfanview
risk 0.51cvss 7.8epss 0.00
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x000000000011d767."
CVE-2017-14538HigSep 18, 2017
Xnview
Xnview
risk 0.51cvss 7.8epss 0.00
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at jbig2dec+0x0000000000008823."
CVE-2017-14497HigSep 15, 2017
Debian
Debian Linux
risk 0.51cvss 7.8epss 0.00
The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system calls.
CVE-2017-7441HigSep 13, 2017
Sophos
Hitmanpro
risk 0.51cvss 7.8epss 0.00
In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak occurs at the driver level, an attacker can use this vulnerability to leak some critical information about the machine such as nt!ExpPoolQuotaCookie.