VYPR

CWE-125

Out-of-bounds Read

Base | Draft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 6 of 124
  • CVE-2017-13038 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.04

    The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().

  • CVE-2017-13037 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().

  • CVE-2017-13036 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().

  • CVE-2017-13035 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().

  • CVE-2017-13034 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().

  • CVE-2017-13033 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.04

    The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().

  • CVE-2017-13032 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().

  • CVE-2017-13031 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().

  • CVE-2017-13030 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.

  • CVE-2017-13029 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().

  • CVE-2017-13028 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.04

    The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().

  • CVE-2017-13027 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().

  • CVE-2017-13026 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.

  • CVE-2017-13025 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

  • CVE-2017-13024 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

  • CVE-2017-13023 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

  • CVE-2017-13022 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().

  • CVE-2017-13021 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().

  • CVE-2017-13020 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().

  • CVE-2017-13019 | Critical | Sep 14, 2017
    risk 0.64 | cvss 9.8 | epss 0.04

    The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().