VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 34 of 549
  • CVE-2016-7986CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.

  • CVE-2016-7985CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().

  • CVE-2016-7984CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().

  • CVE-2016-7983CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.04

    The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().

  • CVE-2016-7975CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().

  • CVE-2016-7974CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.

  • CVE-2016-7973CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.

  • CVE-2016-7940CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.

  • CVE-2016-7939CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.

  • CVE-2016-7937CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().

  • CVE-2016-7936CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().

  • CVE-2016-7935CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().

  • CVE-2016-7934CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().

  • CVE-2016-7933CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().

  • CVE-2016-7932CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().

  • CVE-2016-7931CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().

  • CVE-2016-7930CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().

  • CVE-2016-7929CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().

  • CVE-2016-7928CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().

  • CVE-2016-7927CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().