CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

CWE-119

Children

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (1,460)

page 3 of 73

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2017-13049	Cri	0.64	9.8	0.01	Sep 14, 2017	The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
CVE-2017-13048	Cri	0.64	9.8	0.01	Sep 14, 2017	The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVE-2017-13047	Cri	0.64	9.8	0.01	Sep 14, 2017	The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
CVE-2017-13046	Cri	0.64	9.8	0.00	Sep 14, 2017	The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
CVE-2017-13045	Cri	0.64	9.8	0.01	Sep 14, 2017	The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().
CVE-2017-13044	Cri	0.64	9.8	0.01	Sep 14, 2017	The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().
CVE-2017-13043	Cri	0.64	9.8	0.01	Sep 14, 2017	The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().
CVE-2017-13042	Cri	0.64	9.8	0.01	Sep 14, 2017	The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().
CVE-2017-13041	Cri	0.64	9.8	0.02	Sep 14, 2017	The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
CVE-2017-13040	Cri	0.64	9.8	0.02	Sep 14, 2017	The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.
CVE-2017-13039	Cri	0.64	9.8	0.01	Sep 14, 2017	The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
CVE-2017-13038	Cri	0.64	9.8	0.02	Sep 14, 2017	The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
CVE-2017-13037	Cri	0.64	9.8	0.01	Sep 14, 2017	The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().
CVE-2017-13036	Cri	0.64	9.8	0.00	Sep 14, 2017	The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
CVE-2017-13035	Cri	0.64	9.8	0.01	Sep 14, 2017	The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
CVE-2017-13034	Cri	0.64	9.8	0.01	Sep 14, 2017	The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
CVE-2017-13033	Cri	0.64	9.8	0.02	Sep 14, 2017	The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
CVE-2017-13032	Cri	0.64	9.8	0.01	Sep 14, 2017	The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().
CVE-2017-13031	Cri	0.64	9.8	0.01	Sep 14, 2017	The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().
CVE-2017-13030	Cri	0.64	9.8	0.01	Sep 14, 2017	The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.