VYPR

CWE-190

Integer Overflow or Wraparound

BaseStableLikelihood: Medium

Description

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (1,551)

page 6 of 78
  • CVE-2017-2921CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.02

    An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote…

  • CVE-2017-2892CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.02

    An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT packet can cause an arbitrary out-of-bounds memory read and write potentially resulting in information disclosure, denial of…

  • CVE-2017-1000121CriNov 1, 2017
    risk 0.64cvss 9.8epss 0.01

    The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect…

  • CVE-2017-14636CriSep 22, 2017
    risk 0.64cvss 9.8epss 0.01

    Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp. However, this also causes memory corruption because of an attempted write to the invalid d[0xfffffffe]…

  • CVE-2017-9282CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.01

    An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.

  • CVE-2017-14630CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.02

    In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation.

  • CVE-2017-14062CriAug 31, 2017
    risk 0.64cvss 9.8epss 0.04

    Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

  • CVE-2017-14061CriAug 31, 2017
    risk 0.64cvss 9.8epss 0.02

    Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

  • CVE-2016-5871CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file.

  • CVE-2016-10346CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor.

  • CVE-2015-9062CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an ELF file.

  • CVE-2017-9200CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.02

    libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63.

  • CVE-2017-9199CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.02

    libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19.

  • CVE-2017-9198CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.02

    libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18.

  • CVE-2017-9197CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.02

    libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55.

  • CVE-2017-9196CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.02

    libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7.

  • CVE-2017-9187CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.02

    libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7.

  • CVE-2017-9186CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.02

    libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:326:17.

  • CVE-2017-9185CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.02

    libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7.

  • CVE-2017-9184CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.02

    libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7.