VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (12,280)

page 288 of 614
  • CVE-2017-15334MedFeb 15, 2018
    risk 0.35cvss 5.3epss 0.01

    The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00,…

  • CVE-2017-11301MedDec 9, 2017
    risk 0.35cvss 5.3epss 0.03

    An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses.

  • CVE-2017-11300MedDec 9, 2017
    risk 0.35cvss 5.3epss 0.03

    An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses.

  • CVE-2017-11299MedDec 9, 2017
    risk 0.35cvss 5.3epss 0.03

    An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses.

  • CVE-2017-11298MedDec 9, 2017
    risk 0.35cvss 5.3epss 0.03

    An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses.

  • CVE-2017-11297MedDec 9, 2017
    risk 0.35cvss 5.3epss 0.03

    An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses.

  • CVE-2017-12267MedOct 5, 2017
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the Independent Computing Architecture (ICA) accelerator feature for the Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an ICA application optimization-related process to restart, resulting in a partial…

  • CVE-2017-9502MedJun 14, 2017
    risk 0.35cvss 5.3epss 0.03

    In curl before 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based…

  • CVE-2015-8957MedApr 20, 2017
    risk 0.35cvss 6.5epss 0.03

    Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.

  • CVE-2017-5238MedMar 27, 2017
    risk 0.35cvss 5.3epss 0.01

    Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracker will overflow data stored in one variable to another, overwriting the data of another field.

  • CVE-2017-3879MedMar 17, 2017
    risk 0.35cvss 5.3epss 0.02

    A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail.…

  • CVE-2017-3878MedMar 17, 2017
    risk 0.35cvss 5.3epss 0.02

    A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt…

  • CVE-2016-9804MedDec 3, 2016
    risk 0.35cvss 5.3epss 0.03

    In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This…

  • CVE-2016-9803MedDec 3, 2016
    risk 0.35cvss 5.3epss 0.02

    In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed.

  • CVE-2016-9802MedDec 3, 2016
    risk 0.35cvss 5.3epss 0.03

    In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.

  • CVE-2016-9801MedDec 3, 2016
    risk 0.35cvss 5.3epss 0.03

    In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.

  • CVE-2016-9800MedDec 3, 2016
    risk 0.35cvss 5.3epss 0.03

    In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp"…

  • CVE-2016-9799MedDec 3, 2016
    risk 0.35cvss 5.3epss 0.02

    In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.

  • CVE-2016-9797MedDec 3, 2016
    risk 0.35cvss 5.3epss 0.04

    In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

  • CVE-2016-9118MedOct 30, 2016
    risk 0.35cvss 5.3epss 0.03

    Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.