VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 106 of 549
  • CVE-2016-7084HigDec 29, 2016
    risk 0.54cvss 7.8epss 0.02

    tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory…

  • CVE-2016-7083HigDec 29, 2016
    risk 0.54cvss 7.8epss 0.01

    VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via…

  • CVE-2016-9793HigDec 28, 2016
    risk 0.54cvss 7.8epss 0.02

    The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by…

  • CVE-2016-6187HigAug 6, 2016
    risk 0.54cvss 7.8epss 0.02

    The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook.

  • CVE-2016-4472HigJun 30, 2016
    risk 0.54cvss 8.1epss 0.12

    The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix…

  • CVE-2016-1861HigJun 19, 2016
    risk 0.54cvss 7.8epss 0.04

    The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1846.

  • CVE-2016-1886HigMay 25, 2016
    risk 0.54cvss 7.8epss 0.01

    Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and…

  • CVE-2016-1848HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.

  • CVE-2016-1846HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference and memory corruption) via a crafted app.

  • CVE-2016-1828HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.06

    The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

  • CVE-2016-1827HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.06

    The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

  • CVE-2016-1825HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.06

    IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-3994HigMay 13, 2016
    risk 0.54cvss 8.2epss 0.03

    The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.

  • CVE-2016-3986HigApr 12, 2016
    risk 0.54cvss 7.8epss 0.08

    Avast allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted PE file, related to authenticode parsing.

  • CVE-2016-3947HigApr 7, 2016
    risk 0.54cvss 8.2epss 0.15

    Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log…

  • CVE-2016-3142HigMar 31, 2016
    risk 0.54cvss 8.2epss 0.05

    The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06…

  • CVE-2016-1769HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.05

    QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.

  • CVE-2016-1767HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.05

    QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768.

  • CVE-2016-1755HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.05

    The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.

  • CVE-2016-1749HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.04

    IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.