CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Parents

CWE-118

Children

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (9,861)

page 21 of 494

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2017-5483	Cri	0.64	9.8	0.01	Jan 28, 2017	The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
CVE-2017-5482	Cri	0.64	9.8	0.01	Jan 28, 2017	The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.
CVE-2017-5342	Cri	0.64	9.8	0.04	Jan 28, 2017	In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
CVE-2017-5341	Cri	0.64	9.8	0.04	Jan 28, 2017	The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
CVE-2017-5205	Cri	0.64	9.8	0.01	Jan 28, 2017	The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
CVE-2017-5204	Cri	0.64	9.8	0.02	Jan 28, 2017	The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().
CVE-2017-5203	Cri	0.64	9.8	0.01	Jan 28, 2017	The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2017-5202	Cri	0.64	9.8	0.01	Jan 28, 2017	The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2016-8575	Cri	0.64	9.8	0.01	Jan 28, 2017	The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.
CVE-2016-8574	Cri	0.64	9.8	0.01	Jan 28, 2017	The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
CVE-2016-7993	Cri	0.64	9.8	0.01	Jan 28, 2017	A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
CVE-2016-7992	Cri	0.64	9.8	0.01	Jan 28, 2017	The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
CVE-2016-7986	Cri	0.64	9.8	0.01	Jan 28, 2017	The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
CVE-2016-7985	Cri	0.64	9.8	0.01	Jan 28, 2017	The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().
CVE-2016-7984	Cri	0.64	9.8	0.01	Jan 28, 2017	The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().
CVE-2016-7983	Cri	0.64	9.8	0.01	Jan 28, 2017	The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2016-7975	Cri	0.64	9.8	0.01	Jan 28, 2017	The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().
CVE-2016-7974	Cri	0.64	9.8	0.01	Jan 28, 2017	The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
CVE-2016-7973	Cri	0.64	9.8	0.01	Jan 28, 2017	The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.
CVE-2016-7940	Cri	0.64	9.8	0.01	Jan 28, 2017	The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.

CVE-2017-5483CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
CVE-2017-5482CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.
CVE-2017-5342CriJan 28, 2017
risk 0.64cvss 9.8epss 0.04
In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
CVE-2017-5341CriJan 28, 2017
risk 0.64cvss 9.8epss 0.04
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
CVE-2017-5205CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
CVE-2017-5204CriJan 28, 2017
risk 0.64cvss 9.8epss 0.02
The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().
CVE-2017-5203CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2017-5202CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2016-8575CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.
CVE-2016-8574CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
CVE-2016-7993CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
CVE-2016-7992CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
CVE-2016-7986CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
CVE-2016-7985CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().
CVE-2016-7984CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().
CVE-2016-7983CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2016-7975CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().
CVE-2016-7974CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
CVE-2016-7973CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.
CVE-2016-7940CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.