VYPR

CWE-469

Use of Pointer Subtraction to Determine Size

BaseDraftLikelihood: Medium

Description

The product subtracts one pointer from another in order to determine size, but this calculation can be incorrect if the pointers do not exist in the same memory chunk.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (1)

  • CVE-2019-25595MedMar 22, 2026
    risk 0.40cvss 6.2epss 0.00

    jetAudio 8.1.7.20702 Basic contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string through the URL input handler. Attackers can trigger the crash by pasting a buffer of 5000 characters into the Open…