VYPR

CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 7 of 124
  • CVE-2017-13018CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().

  • CVE-2017-13017CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().

  • CVE-2017-13016CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().

  • CVE-2017-13015CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().

  • CVE-2017-13014CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.

  • CVE-2017-13013CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.

  • CVE-2017-13012CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().

  • CVE-2017-13010CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().

  • CVE-2017-13009CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().

  • CVE-2017-13008CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().

  • CVE-2017-13007CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().

  • CVE-2017-13006CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.

  • CVE-2017-13005CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().

  • CVE-2017-13004CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().

  • CVE-2017-13003CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().

  • CVE-2017-13002CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().

  • CVE-2017-13001CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().

  • CVE-2017-13000CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().

  • CVE-2017-12999CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().

  • CVE-2017-12998CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().