VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 60 of 549
  • CVE-2017-7506HigJul 18, 2017
    risk 0.58cvss 8.8epss 0.04

    spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.

  • CVE-2017-6741HigJul 17, 2017
    risk 0.58cvss 8.8epss 0.06

    A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. …

  • CVE-2017-10971HigJul 6, 2017
    risk 0.58cvss 8.8epss 0.04

    In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.

  • CVE-2017-9948HigJun 26, 2017
    risk 0.58cvss 8.8epss 0.06

    A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.DLL mishandling of remote RDP clipboard content within the message box.

  • CVE-2017-8541HigMay 26, 2017
    risk 0.58cvss 7.8epss 0.50

    The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server…

  • CVE-2017-8538HigMay 26, 2017
    risk 0.58cvss 7.8epss 0.50

    The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server…

  • CVE-2017-0252CriMay 15, 2017
    risk 0.58cvss 9.8epss 0.13

    A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0223.

  • CVE-2017-0223CriMay 15, 2017
    risk 0.58cvss 9.8epss 0.15

    A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252.

  • CVE-2017-8361HigApr 30, 2017
    risk 0.58cvss 8.8epss 0.04

    The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.

  • CVE-2017-7219HigApr 13, 2017
    risk 0.58cvss 8.8epss 0.05

    A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.

  • CVE-2017-7617HigApr 10, 2017
    risk 0.58cvss 8.8epss 0.06

    Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI…

  • CVE-2017-7310HigMar 29, 2017
    risk 0.58cvss 7.8epss 0.54

    A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before 10.6, DiskSavvy before 10.6, DupScout before 10.6, and VX Search before 10.6 allows attackers to execute arbitrary code via a crafted XML…

  • CVE-2017-6458HigMar 27, 2017
    risk 0.58cvss 8.8epss 0.07

    Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.

  • CVE-2017-0108HigMar 17, 2017
    risk 0.58cvss 7.8epss 0.50

    The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to…

  • CVE-2017-2997HigMar 14, 2017
    risk 0.58cvss 8.8epss 0.07

    Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-8866HigFeb 15, 2017
    risk 0.58cvss 8.8epss 0.05

    The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for…

  • CVE-2016-8862HigFeb 15, 2017
    risk 0.58cvss 8.8epss 0.04

    The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

  • CVE-2017-5225HigJan 12, 2017
    risk 0.58cvss 8.8epss 0.04

    LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.

  • CVE-2016-9429HigDec 12, 2016
    risk 0.58cvss 8.8epss 0.04

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Buffer overflow in the formUpdateBuffer function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.

  • CVE-2016-4738HigSep 25, 2016
    risk 0.58cvss 8.8epss 0.04

    libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.