VYPR

CWE-125

Out-of-bounds Read

Base | Draft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (1,460)

page 59 of 73
  • CVE-2017-5504 | Med | Mar 1, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.

  • CVE-2016-10029 | Med | Feb 27, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts.

  • CVE-2016-10028 | Med | Feb 27, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0.

  • CVE-2016-4493 | Med | Feb 24, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.

  • CVE-2016-5031 | Med | Feb 17, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The print_frame_inst_bytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

  • CVE-2016-9773 | Med | Feb 17, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556.

  • CVE-2017-6011 | Med | Feb 16, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

  • CVE-2016-8681 | Med | Feb 15, 2017
    risk 0.36 | cvss 5.5 | epss 0.01

    The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on a crafted file.

  • CVE-2016-8678 | Med | Feb 15, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."

  • CVE-2016-7393 | Med | Feb 15, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

  • CVE-2017-5896 | Med | Feb 15, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.

  • CVE-2016-8688 | Med | Feb 15, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.

  • CVE-2017-5846 | Med | Feb 9, 2017
    risk 0.36 | cvss 5.5 | epss 0.01

    The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file.

  • CVE-2016-10198 | Med | Feb 9, 2017
    risk 0.36 | cvss 5.5 | epss 0.02

    The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.

  • CVE-2016-9532 | Med | Feb 6, 2017
    risk 0.36 | cvss 5.5 | epss 0.01

    Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file.

  • CVE-2016-3183 | Med | Feb 3, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file.

  • CVE-2016-9642 | Med | Feb 3, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file.

  • CVE-2016-8568 | Med | Feb 3, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.

  • CVE-2016-6163 | Med | Feb 3, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.

  • CVE-2016-5115 | Med | Feb 3, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file.