VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 189 of 549
  • CVE-2016-10091HigApr 21, 2017
    risk 0.49cvss 7.5epss 0.03

    Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function.

  • CVE-2017-3808HigApr 20, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due…

  • CVE-2016-3036HigApr 17, 2017
    risk 0.49cvss 7.5epss 0.02

    IBM Cognos TM1 10.1 and 10.2 is vulnerable to a denial of service, caused by a stack-based buffer overflow when parsing packets. A remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 114612.

  • CVE-2017-7853HigApr 13, 2017
    risk 0.49cvss 7.5epss 0.02

    In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.

  • CVE-2016-10326HigApr 13, 2017
    risk 0.49cvss 7.5epss 0.01

    In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS.

  • CVE-2016-10325HigApr 13, 2017
    risk 0.49cvss 7.5epss 0.01

    In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS.

  • CVE-2016-4459HigApr 12, 2017
    risk 0.49cvss 7.5epss 0.03

    Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.

  • CVE-2014-4706HigApr 2, 2017
    risk 0.49cvss 7.5epss 0.01

    Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software…

  • CVE-2017-2377HigApr 2, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service (memory corruption and application crash) by leveraging a…

  • CVE-2017-2775HigMar 31, 2017
    risk 0.49cvss 7.5epss 0.03

    An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. A specially crafted VI file can cause a user controlled value to be used as a loop terminator resulting…

  • CVE-2017-7227HigMar 22, 2017
    risk 0.49cvss 7.5epss 0.03

    GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l.

  • CVE-2017-7223HigMar 22, 2017
    risk 0.49cvss 7.5epss 0.02

    GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash.

  • CVE-2014-9839HigMar 22, 2017
    risk 0.49cvss 7.5epss 0.02

    magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).

  • CVE-2017-7186HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.05

    libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.

  • CVE-2017-0103HigMar 17, 2017
    risk 0.49cvss 7.0epss 0.03

    The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Registry Elevation of Privilege…

  • CVE-2016-7970HigMar 3, 2017
    risk 0.49cvss 7.5epss 0.05

    Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors.

  • CVE-2017-2791HigFeb 24, 2017
    risk 0.49cvss 7.5epss 0.01

    JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for…

  • CVE-2016-8687HigFeb 15, 2017
    risk 0.49cvss 7.5epss 0.05

    Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.

  • CVE-2015-8979HigFeb 15, 2017
    risk 0.49cvss 7.5epss 0.04

    Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a long string sent to TCP port 4242.

  • CVE-2016-5798HigFeb 13, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote…