VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Class · Stable · Likelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 31 of 549
  • CVE-2017-8366 · Cri · Apr 30, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter.

  • CVE-2017-8358 · Cri · Apr 30, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx.

  • CVE-2017-2142 · Cri · Apr 28, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

  • CVE-2017-8305 · Cri · Apr 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library (e.g., glibc) that lacks its own strlcpy.

  • CVE-2017-8289 · Cri · Apr 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote attackers, to cause a denial of service or possibly have unspecified other impact via…

  • CVE-2017-8287 · Cri · Apr 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.

  • CVE-2011-3428 · Cri · Apr 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code.

  • CVE-2014-9654 · Cri · Apr 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to…

  • CVE-2016-1558 · Cri · Apr 21, 2017
    risk 0.64 · cvss 9.8 · epss 0.09

    Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and…

  • CVE-2016-10324 · Cri · Apr 13, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c.

  • CVE-2015-6674 · Cri · Apr 13, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836.

  • CVE-2017-3037 · Cri · Apr 12, 2017
    risk 0.64 · cvss 9.8 · epss 0.06

    Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-10311 · Cri · Apr 10, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.

  • CVE-2015-7292 · Cri · Apr 10, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv.

  • CVE-2015-7272 · Cri · Apr 10, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input.

  • CVE-2017-2477 · Cri · Apr 2, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "libxslt" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2017-3010 · Cri · Mar 31, 2017
    risk 0.64 · cvss 9.8 · epss 0.05

    Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution.

  • CVE-2014-6440 · Cri · Mar 28, 2017
    risk 0.64 · cvss 9.8 · epss 0.05

    VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.

  • CVE-2017-5511 · Cri · Mar 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.05

    coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.

  • CVE-2017-5337 · Cri · Mar 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.06

    Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.