VYPR

CWE-190

Integer Overflow or Wraparound

BaseStableLikelihood: Medium

Description

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (1,551)

page 23 of 78
  • CVE-2017-5853HigMar 1, 2017
    risk 0.51cvss 7.8epss 0.01

    Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.

  • CVE-2016-8389HigFeb 28, 2017
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer-overflow vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will attempt to convert each character from a font into a polygon and then attempt to rasterize these shapes. As the application attempts to iterate…

  • CVE-2017-6308HigFeb 24, 2017
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation.

  • CVE-2017-6303HigFeb 24, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow."

  • CVE-2017-6302HigFeb 24, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."

  • CVE-2016-8636HigFeb 22, 2017
    risk 0.51cvss 7.8epss 0.01

    Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other…

  • CVE-2016-6252HigFeb 17, 2017
    risk 0.51cvss 7.8epss 0.00

    Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap.

  • CVE-2016-1889HigFeb 15, 2017
    risk 0.51cvss 7.8epss 0.00

    Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor.

  • CVE-2017-0410HigFeb 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities,…

  • CVE-2017-5576HigFeb 6, 2017
    risk 0.51cvss 7.8epss 0.00

    Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl…

  • CVE-2017-5628HigJan 30, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file.

  • CVE-2017-5627HigJan 30, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsR_setproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the js_pushstring function in jsrun.c when parsing a…

  • CVE-2017-0383HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities,…

  • CVE-2017-0381HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without…

  • CVE-2016-4298HigJan 6, 2017
    risk 0.51cvss 7.8epss 0.02

    When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a list of elements using a length from the file. When calculating this length, an integer overflow can be made to occur which will…

  • CVE-2016-4291HigJan 6, 2017
    risk 0.51cvss 7.8epss 0.02

    When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overflow. This result is then used to allocate memory to copy file data in. Due to the…

  • CVE-2016-4290HigJan 6, 2017
    risk 0.51cvss 7.8epss 0.02

    When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a block of data within the file. When calculating this length, the application will use a value from the file and add a constant to…

  • CVE-2016-9754HigJan 5, 2017
    risk 0.51cvss 7.8epss 0.01

    The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.

  • CVE-2016-9031HigDec 14, 2016
    risk 0.51cvss 7.8epss 0.00

    An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a…

  • CVE-2016-9084HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.