VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 32 of 549
  • CVE-2017-5336CriMar 24, 2017
    risk 0.64cvss 9.8epss 0.07

    Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.

  • CVE-2016-10133CriMar 24, 2017
    risk 0.64cvss 9.8epss 0.02

    Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions.

  • CVE-2017-3853CriMar 22, 2017
    risk 0.64cvss 9.8epss 0.09

    A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an…

  • CVE-2014-9939CriMar 21, 2017
    risk 0.64cvss 9.8epss 0.02

    ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.

  • CVE-2014-9847CriMar 20, 2017
    risk 0.64cvss 9.8epss 0.05

    The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.

  • CVE-2014-9846CriMar 20, 2017
    risk 0.64cvss 9.8epss 0.05

    Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.

  • CVE-2014-9843CriMar 20, 2017
    risk 0.64cvss 9.8epss 0.04

    The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.

  • CVE-2017-0090HigMar 17, 2017
    risk 0.64cvss 8.8epss 0.43

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in…

  • CVE-2017-0088HigMar 17, 2017
    risk 0.64cvss 8.8epss 0.42

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability."

  • CVE-2017-0087HigMar 17, 2017
    risk 0.64cvss 8.8epss 0.43

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in…

  • CVE-2017-0086HigMar 17, 2017
    risk 0.64cvss 8.8epss 0.43

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in…

  • CVE-2017-0083HigMar 17, 2017
    risk 0.64cvss 8.8epss 0.43

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in…

  • CVE-2017-0072HigMar 17, 2017
    risk 0.64cvss 8.8epss 0.43

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in…

  • CVE-2015-8981CriMar 16, 2017
    risk 0.64cvss 9.8epss 0.03

    Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers to have unspecified impact via vectors related to m_offsets.size.

  • CVE-2017-6023CriMar 16, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in Fatek Automation PLC Ethernet Module. The affected Ether_cfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to V3.6 Build 170215, CBE versions prior to V3.6 Build 170215, CM55E versions prior to V3.6 Build 170215, and…

  • CVE-2017-5522CriMar 15, 2017
    risk 0.64cvss 9.8epss 0.05

    Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests.

  • CVE-2016-8863CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.08

    Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the…

  • CVE-2017-5581CriFeb 28, 2017
    risk 0.64cvss 9.8epss 0.04

    Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer boundaries.

  • CVE-2016-9400CriFeb 22, 2017
    risk 0.64cvss 9.8epss 0.04

    The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling.

  • CVE-2016-7663CriFeb 20, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "CoreFoundation" component. It allows remote attackers to execute arbitrary code or cause a denial of…