VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 190 of 549
  • CVE-2016-1504HigFeb 7, 2017
    risk 0.49cvss 7.5epss 0.03

    dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length.

  • CVE-2016-7800HigFeb 6, 2017
    risk 0.49cvss 7.5epss 0.04

    Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.

  • CVE-2016-6920HigJan 23, 2017
    risk 0.49cvss 7.5epss 0.03

    Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service (application crash) via vectors involving tile positions.

  • CVE-2016-7564HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.02

    Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to cause a denial of service (crash) via crafted input.

  • CVE-2016-9933HigJan 4, 2017
    risk 0.49cvss 7.5epss 0.07

    Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted…

  • CVE-2016-8860HigJan 4, 2017
    risk 0.49cvss 7.5epss 0.02

    Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of…

  • CVE-2016-9203HigDec 14, 2016
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process. More Information: CSCvb38398. Known Affected Releases: 20.2.3 20.2.3.65026. Known…

  • CVE-2015-3217HigDec 13, 2016
    risk 0.49cvss 7.5epss 0.06

    PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by /^(?:(?(1)\\.|([^\\\\W_])?)+)+$/.

  • CVE-2016-9937HigDec 12, 2016
    risk 0.49cvss 7.5epss 0.03

    An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call…

  • CVE-2016-9917HigDec 8, 2016
    risk 0.49cvss 7.5epss 0.04

    In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

  • CVE-2016-9136HigNov 3, 2016
    risk 0.49cvss 7.5epss 0.01

    Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8a8a89 allows context-dependent attackers to obtain sensitive information by using the "crafted JavaScript" approach, related to a "Buffer Over-read" issue.

  • CVE-2016-8203HigOct 31, 2016
    risk 0.49cvss 7.5epss 0.02

    A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card reset) via certain constructed IPsec control packets.

  • CVE-2016-4396HigOct 28, 2016
    risk 0.49cvss 7.5epss 0.04

    HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.

  • CVE-2016-4395HigOct 28, 2016
    risk 0.49cvss 7.5epss 0.04

    HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.

  • CVE-2016-8332HigOct 28, 2016
    risk 0.49cvss 7.5epss 0.03

    A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an…

  • CVE-2016-7189HigOct 14, 2016
    risk 0.49cvss 7.5epss 0.48

    The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."

  • CVE-2016-7045HigSep 27, 2016
    risk 0.49cvss 7.5epss 0.05

    The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string.

  • CVE-2016-7044HigSep 27, 2016
    risk 0.49cvss 7.5epss 0.05

    The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code.

  • CVE-2016-6669HigSep 22, 2016
    risk 0.49cvss 7.5epss 0.03

    Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a…

  • CVE-2015-8919HigSep 20, 2016
    risk 0.49cvss 7.5epss 0.05

    The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.