VYPR

CWE-369

Divide By Zero

BaseDraftLikelihood: Medium

Description

The product divides a value by zero.

This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (221)

page 5 of 12
  • CVE-2017-15025MedOct 5, 2017
    risk 0.36cvss 5.5epss 0.02

    decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file.

  • CVE-2017-6271MedSep 22, 2017
    risk 0.36cvss 5.5epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation while processing block linear information which may lead to a potential divide by zero and…

  • CVE-2017-6270MedSep 22, 2017
    risk 0.36cvss 5.5epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation during a calculation which may lead to a potential divide by zero and denial of service.

  • CVE-2017-14106MedSep 1, 2017
    risk 0.36cvss 5.5epss 0.00

    The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.

  • CVE-2016-10506MedAug 30, 2017
    risk 0.36cvss 6.5epss 0.03

    Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.

  • CVE-2014-0142MedAug 10, 2017
    risk 0.36cvss 5.5epss 0.00

    QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.

  • CVE-2017-11546MedJul 31, 2017
    risk 0.36cvss 5.5epss 0.01

    The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mid file. NOTE: a crash might be relevant when using the --background option.

  • CVE-2016-9960MedJun 6, 2017
    risk 0.36cvss 5.5epss 0.01

    game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).

  • CVE-2017-9302MedMay 29, 2017
    risk 0.36cvss 5.5epss 0.02

    RealPlayer 16.0.2.32 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp4 file.

  • CVE-2017-8542MedMay 26, 2017
    risk 0.36cvss 5.5epss 0.06

    The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server…

  • CVE-2017-8539MedMay 26, 2017
    risk 0.36cvss 5.5epss 0.06

    The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server…

  • CVE-2017-8842MedMay 8, 2017
    risk 0.36cvss 5.5epss 0.02

    The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted archive.

  • CVE-2017-7962MedApr 19, 2017
    risk 0.36cvss 5.5epss 0.01

    The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

  • CVE-2017-7595MedApr 9, 2017
    risk 0.36cvss 5.5epss 0.01

    The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

  • CVE-2017-7448MedApr 5, 2017
    risk 0.36cvss 5.5epss 0.01

    The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.

  • CVE-2016-10219MedApr 3, 2017
    risk 0.36cvss 5.5epss 0.02

    The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

  • CVE-2016-9922MedMar 27, 2017
    risk 0.36cvss 5.5epss 0.00

    The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.

  • CVE-2016-9265MedMar 23, 2017
    risk 0.36cvss 5.5epss 0.02

    The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file.

  • CVE-2017-6835MedMar 20, 2017
    risk 0.36cvss 5.5epss 0.03

    The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.

  • CVE-2017-6833MedMar 20, 2017
    risk 0.36cvss 5.5epss 0.03

    The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.