VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 210 of 549
  • CVE-2017-13729MedAug 29, 2017
    risk 0.42cvss 6.5epss 0.03

    There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.

  • CVE-2017-12919MedAug 28, 2017
    risk 0.42cvss 6.5epss 0.01

    Heap-based buffer overflow in OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service via a crafted fpx image.

  • CVE-2017-13140MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.

  • CVE-2017-13064MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.02

    GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.

  • CVE-2017-13063MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.02

    GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.

  • CVE-2017-12966MedAug 20, 2017
    risk 0.42cvss 6.5epss 0.01

    The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1fix.a in asn1c 0.9.28 allows remote attackers to cause a denial of service (segmentation fault) via a crafted .asn1 file.

  • CVE-2016-6817HigAug 10, 2017
    risk 0.42cvss 7.5epss 0.07

    The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible.

  • CVE-2017-6260MedJul 28, 2017
    risk 0.42cvss 6.5epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer helper function where an incorrect calculation of string length may lead to denial of service.

  • CVE-2017-11640MedJul 26, 2017
    risk 0.42cvss 6.5epss 0.03

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.

  • CVE-2017-11339MedJul 17, 2017
    risk 0.42cvss 6.5epss 0.01

    There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.

  • CVE-2017-8420MedJul 5, 2017
    risk 0.42cvss 6.5epss 0.01

    SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x0000000000003e71" issue. This issue can be triggered by a malformed TTF file that is mishandled by font2swf. Attackers could exploit this issue…

  • CVE-2017-1310MedJun 29, 2017
    risk 0.42cvss 6.5epss 0.02

    IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Done enough times, this could use large parts of the file system and cause the server to crash. IBM X-Force ID: 125569.

  • CVE-2017-9998MedJun 28, 2017
    risk 0.42cvss 6.5epss 0.02

    The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

  • CVE-2017-9937MedJun 26, 2017
    risk 0.42cvss 6.5epss 0.03

    In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.

  • CVE-2015-3220HigJun 13, 2017
    risk 0.42cvss 7.5epss 0.03

    The tlslite library before 0.4.9 for Python allows remote attackers to trigger a denial of service (runtime exception and process crash).

  • CVE-2017-6655MedJun 13, 2017
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpectedly reloads. This vulnerability affects…

  • CVE-2016-3077MedJun 6, 2017
    risk 0.42cvss 6.5epss 0.01

    The VersionMapper.fromKernelVersionString method in oVirt Engine allows remote authenticated users to cause a denial of service (process crash) for all VMs.

  • CVE-2017-9025MedMay 17, 2017
    risk 0.42cvss 6.5epss 0.02

    Heap buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted HTTP Cookie header.

  • CVE-2017-2325MedApr 24, 2017
    risk 0.42cvss 6.5epss 0.01

    A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service.

  • CVE-2017-2316MedApr 24, 2017
    risk 0.42cvss 6.5epss 0.00

    A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service.