CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Parents

CWE-118

Children

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (9,861)

page 17 of 494

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2017-1000044	Cri	0.64	9.8	0.02	Jul 17, 2017	gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering
CVE-2017-10684	Cri	0.64	9.8	0.02	Jun 29, 2017	In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
CVE-2017-3096	Cri	0.64	9.8	0.03	Jun 20, 2017	Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the character code mapping module. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3095	Cri	0.64	9.8	0.03	Jun 20, 2017	Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF parsing engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3094	Cri	0.64	9.8	0.03	Jun 20, 2017	Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF processing engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3093	Cri	0.64	9.8	0.03	Jun 20, 2017	Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the bitmap representation module. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3089	Cri	0.64	9.8	0.03	Jun 20, 2017	Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF imaging model. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3086	Cri	0.64	9.8	0.06	Jun 20, 2017	Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3082	Cri	0.64	9.8	0.03	Jun 20, 2017	Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3079	Cri	0.64	9.8	0.03	Jun 20, 2017	Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data. Successful exploitation could lead to arbitrary code execution.
CVE-2014-9984	Cri	0.64	9.8	0.01	Jun 12, 2017	nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.
CVE-2017-4907	Cri	0.64	9.8	0.03	Jun 8, 2017	VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway.
CVE-2017-9433	Cri	0.64	9.8	0.01	Jun 5, 2017	Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx.
CVE-2016-10375	Cri	0.64	9.8	0.00	May 26, 2017	Yodl before 3.07.01 has a Buffer Over-read in the queue_push function in queue/queuepush.c.
CVE-2017-9192	Cri	0.64	9.8	0.01	May 23, 2017	libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7.
CVE-2017-9191	Cri	0.64	9.8	0.01	May 23, 2017	libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15.
CVE-2017-9173	Cri	0.64	9.8	0.01	May 23, 2017	libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:497:29.
CVE-2017-9172	Cri	0.64	9.8	0.01	May 23, 2017	libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:496:29.
CVE-2017-9170	Cri	0.64	9.8	0.01	May 23, 2017	libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:370:25.
CVE-2017-9169	Cri	0.64	9.8	0.01	May 23, 2017	libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:355:25.

CVE-2017-1000044CriJul 17, 2017
risk 0.64cvss 9.8epss 0.02
gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering
CVE-2017-10684CriJun 29, 2017
risk 0.64cvss 9.8epss 0.02
In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
CVE-2017-3096CriJun 20, 2017
risk 0.64cvss 9.8epss 0.03
Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the character code mapping module. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3095CriJun 20, 2017
risk 0.64cvss 9.8epss 0.03
Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF parsing engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3094CriJun 20, 2017
risk 0.64cvss 9.8epss 0.03
Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF processing engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3093CriJun 20, 2017
risk 0.64cvss 9.8epss 0.03
Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the bitmap representation module. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3089CriJun 20, 2017
risk 0.64cvss 9.8epss 0.03
Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF imaging model. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3086CriJun 20, 2017
risk 0.64cvss 9.8epss 0.06
Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3082CriJun 20, 2017
risk 0.64cvss 9.8epss 0.03
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3079CriJun 20, 2017
risk 0.64cvss 9.8epss 0.03
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data. Successful exploitation could lead to arbitrary code execution.
CVE-2014-9984CriJun 12, 2017
risk 0.64cvss 9.8epss 0.01
nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.
CVE-2017-4907CriJun 8, 2017
risk 0.64cvss 9.8epss 0.03
VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway.
CVE-2017-9433CriJun 5, 2017
risk 0.64cvss 9.8epss 0.01
Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx.
CVE-2016-10375CriMay 26, 2017
risk 0.64cvss 9.8epss 0.00
Yodl before 3.07.01 has a Buffer Over-read in the queue_push function in queue/queuepush.c.
CVE-2017-9192CriMay 23, 2017
risk 0.64cvss 9.8epss 0.01
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7.
CVE-2017-9191CriMay 23, 2017
risk 0.64cvss 9.8epss 0.01
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15.
CVE-2017-9173CriMay 23, 2017
risk 0.64cvss 9.8epss 0.01
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:497:29.
CVE-2017-9172CriMay 23, 2017
risk 0.64cvss 9.8epss 0.01
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:496:29.
CVE-2017-9170CriMay 23, 2017
risk 0.64cvss 9.8epss 0.01
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:370:25.
CVE-2017-9169CriMay 23, 2017
risk 0.64cvss 9.8epss 0.01
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:355:25.