CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Parents

CWE-118

Children

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (9,861)

page 22 of 494

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-7939	Cri	0.64	9.8	0.01	Jan 28, 2017	The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
CVE-2016-7937	Cri	0.64	9.8	0.01	Jan 28, 2017	The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().
CVE-2016-7936	Cri	0.64	9.8	0.01	Jan 28, 2017	The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().
CVE-2016-7935	Cri	0.64	9.8	0.01	Jan 28, 2017	The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
CVE-2016-7934	Cri	0.64	9.8	0.01	Jan 28, 2017	The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
CVE-2016-7933	Cri	0.64	9.8	0.01	Jan 28, 2017	The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().
CVE-2016-7932	Cri	0.64	9.8	0.01	Jan 28, 2017	The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
CVE-2016-7931	Cri	0.64	9.8	0.01	Jan 28, 2017	The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
CVE-2016-7930	Cri	0.64	9.8	0.01	Jan 28, 2017	The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
CVE-2016-7929	Cri	0.64	9.8	0.01	Jan 28, 2017	The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().
CVE-2016-7928	Cri	0.64	9.8	0.01	Jan 28, 2017	The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().
CVE-2016-7927	Cri	0.64	9.8	0.01	Jan 28, 2017	The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().
CVE-2016-7926	Cri	0.64	9.8	0.01	Jan 28, 2017	The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().
CVE-2016-7925	Cri	0.64	9.8	0.01	Jan 28, 2017	The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().
CVE-2016-7924	Cri	0.64	9.8	0.01	Jan 28, 2017	The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().
CVE-2016-7923	Cri	0.64	9.8	0.01	Jan 28, 2017	The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().
CVE-2016-7922	Cri	0.64	9.8	0.01	Jan 28, 2017	The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().
CVE-2016-8411	Cri	0.64	9.8	0.00	Jan 27, 2017	Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775.
CVE-2016-9307	Cri	0.64	9.8	0.03	Jan 25, 2017	Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.
CVE-2016-9306	Cri	0.64	9.8	0.03	Jan 25, 2017	Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files.

CVE-2016-7939CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
CVE-2016-7937CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().
CVE-2016-7936CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().
CVE-2016-7935CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
CVE-2016-7934CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
CVE-2016-7933CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().
CVE-2016-7932CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
CVE-2016-7931CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
CVE-2016-7930CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
CVE-2016-7929CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().
CVE-2016-7928CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().
CVE-2016-7927CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().
CVE-2016-7926CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().
CVE-2016-7925CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().
CVE-2016-7924CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().
CVE-2016-7923CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().
CVE-2016-7922CriJan 28, 2017
risk 0.64cvss 9.8epss 0.01
The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().
CVE-2016-8411CriJan 27, 2017
risk 0.64cvss 9.8epss 0.00
Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775.
CVE-2016-9307CriJan 25, 2017
risk 0.64cvss 9.8epss 0.03
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.
CVE-2016-9306CriJan 25, 2017
risk 0.64cvss 9.8epss 0.03
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files.