VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 152 of 549
  • CVE-2017-9754HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or…

  • CVE-2017-9753HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and…

  • CVE-2017-9752HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as…

  • CVE-2017-9751HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of…

  • CVE-2017-9745HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other…

  • CVE-2017-9744HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified…

  • CVE-2017-9743HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of…

  • CVE-2016-10395HigJun 15, 2017
    risk 0.51cvss 7.8epss 0.00

    In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and…

  • CVE-2017-0637HigJun 14, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-8241HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length.

  • CVE-2017-8238HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function.

  • CVE-2017-8237HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists while loading a firmware image.

  • CVE-2017-8236HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver.

  • CVE-2016-10342HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler.

  • CVE-2016-10340HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler.

  • CVE-2015-9028HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine.

  • CVE-2015-9025HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application.

  • CVE-2015-9023HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.

  • CVE-2014-9963HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM.

  • CVE-2014-9960HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.