VYPR

CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 18 of 124
  • CVE-2018-7438HigFeb 23, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parse_unicode_string function.

  • CVE-2018-7437HigFeb 23, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parse_SST function.

  • CVE-2018-7436HigFeb 23, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a pointer dereference of the parse_SST function.

  • CVE-2018-7435HigFeb 23, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the freexl::destroy_cell function.

  • CVE-2017-15388HigFeb 7, 2018
    risk 0.57cvss 8.8epss 0.02

    Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

  • CVE-2018-6406HigJan 30, 2018
    risk 0.57cvss 8.8epss 0.02

    The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read…

  • CVE-2018-6315HigJan 25, 2018
    risk 0.57cvss 8.8epss 0.03

    The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file.

  • CVE-2018-5360HigJan 14, 2018
    risk 0.57cvss 8.8epss 0.02

    LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.

  • CVE-2018-5248HigJan 5, 2018
    risk 0.57cvss 8.8epss 0.04

    In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.

  • CVE-2017-17942HigDec 28, 2017
    risk 0.57cvss 8.8epss 0.02

    In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.

  • CVE-2017-17915HigDec 27, 2017
    risk 0.57cvss 8.8epss 0.02

    In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.

  • CVE-2017-17913HigDec 27, 2017
    risk 0.57cvss 8.8epss 0.02

    In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.

  • CVE-2017-17912HigDec 27, 2017
    risk 0.57cvss 8.8epss 0.02

    In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region.

  • CVE-2017-17880HigDec 27, 2017
    risk 0.57cvss 8.8epss 0.01

    In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check.

  • CVE-2017-17879HigDec 27, 2017
    risk 0.57cvss 8.8epss 0.03

    In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.

  • CVE-2017-17782HigDec 20, 2017
    risk 0.57cvss 8.8epss 0.02

    In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation.

  • CVE-2017-17503HigDec 11, 2017
    risk 0.57cvss 8.8epss 0.02

    ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.

  • CVE-2017-17502HigDec 11, 2017
    risk 0.57cvss 8.8epss 0.02

    ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.

  • CVE-2017-17501HigDec 11, 2017
    risk 0.57cvss 8.8epss 0.03

    WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.

  • CVE-2017-17500HigDec 11, 2017
    risk 0.57cvss 8.8epss 0.03

    ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.