VYPR

CWE-190

Integer Overflow or Wraparound

BaseStableLikelihood: Medium

Description

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (1,551)

page 51 of 78
  • CVE-2018-1000098HigMar 13, 2018
    risk 0.49cvss 7.5epss 0.03

    Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.

  • CVE-2017-15344HigFeb 15, 2018
    risk 0.49cvss 7.5epss 0.01

    Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote…

  • CVE-2017-15343HigFeb 15, 2018
    risk 0.49cvss 7.5epss 0.01

    Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote…

  • CVE-2018-5709HigJan 16, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this…

  • CVE-2017-1000470HigJan 3, 2018
    risk 0.49cvss 7.5epss 0.08

    EmbedThis GoAhead Webserver versions 4.0.0 and earlier is vulnerable to an integer overflow in the HTTP listener resulting in denial of service.

  • CVE-2017-16612HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.05

    libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through…

  • CVE-2017-9281HigSep 21, 2017
    risk 0.49cvss 7.5epss 0.01

    An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service.

  • CVE-2017-14629HigSep 21, 2017
    risk 0.49cvss 7.5epss 0.01

    In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element.

  • CVE-2017-12425HigAug 4, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert, related to an Integer Overflow.…

  • CVE-2015-1529HigMay 23, 2017
    risk 0.49cvss 7.5epss 0.01

    Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors.

  • CVE-2017-6962HigMar 17, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer overflow. This is related to the read_chunk function making an unchecked addition of 12.

  • CVE-2017-6960HigMar 17, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable.

  • CVE-2016-2147HigFeb 9, 2017
    risk 0.49cvss 7.5epss 0.08

    Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.

  • CVE-2016-9108HigFeb 3, 2017
    risk 0.49cvss 7.5epss 0.03

    Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression.

  • CVE-2017-5597HigJan 25, 2017
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow.

  • CVE-2017-5596HigJan 25, 2017
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.

  • CVE-2016-9445HigJan 23, 2017
    risk 0.49cvss 7.5epss 0.04

    Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.

  • CVE-2016-6823HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.05

    Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.

  • CVE-2015-7848HigJan 6, 2017
    risk 0.49cvss 7.5epss 0.06

    An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP…

  • CVE-2016-7945HigDec 13, 2016
    risk 0.49cvss 7.5epss 0.03

    Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.