VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 35 of 549
  • CVE-2016-7926CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().

  • CVE-2016-7925CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().

  • CVE-2016-7924CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().

  • CVE-2016-7923CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().

  • CVE-2016-7922CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().

  • CVE-2016-9636CriJan 27, 2017
    risk 0.64cvss 9.8epss 0.09

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond…

  • CVE-2016-9635CriJan 27, 2017
    risk 0.64cvss 9.8epss 0.09

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond…

  • CVE-2016-9634CriJan 27, 2017
    risk 0.64cvss 9.8epss 0.09

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.

  • CVE-2016-8411CriJan 27, 2017
    risk 0.64cvss 9.8epss 0.01

    Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775.

  • CVE-2016-9307CriJan 25, 2017
    risk 0.64cvss 9.8epss 0.02

    Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.

  • CVE-2016-9306CriJan 25, 2017
    risk 0.64cvss 9.8epss 0.02

    Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files.

  • CVE-2016-9303CriJan 25, 2017
    risk 0.64cvss 9.8epss 0.04

    Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files.

  • CVE-2016-5873CriJan 23, 2017
    risk 0.64cvss 9.8epss 0.05

    Buffer overflow in the HTTP URL parsing functions in pecl_http before 3.0.1 might allow remote attackers to execute arbitrary code via non-printable characters in a URL.

  • CVE-2016-3147CriJan 23, 2017
    risk 0.64cvss 9.8epss 0.06

    Buffer overflow in the collector.exe listener of the Landesk Management Suite 10.0.0.271 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large packet.

  • CVE-2015-8972CriJan 23, 2017
    risk 0.64cvss 9.8epss 0.04

    Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.

  • CVE-2016-9679CriJan 18, 2017
    risk 0.64cvss 9.8epss 0.03

    Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a function pointer.

  • CVE-2016-9676CriJan 18, 2017
    risk 0.64cvss 9.8epss 0.04

    Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors.

  • CVE-2016-7996CriJan 18, 2017
    risk 0.64cvss 9.8epss 0.04

    Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.

  • CVE-2016-2090CriJan 13, 2017
    risk 0.64cvss 9.8epss 0.03

    Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.

  • CVE-2016-8459CriJan 12, 2017
    risk 0.64cvss 9.8epss 0.02

    Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. References: QC-CR#988462.