CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

CWE-119

Children

CVEs mapped to this weakness (1,368)

page 23 of 69

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2017-5032	Hig	0.57	8.8	0.01	Apr 24, 2017	PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2017-5029	Hig	0.57	8.8	0.01	Apr 24, 2017	The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
CVE-2016-10273	Hig	0.57	8.8	0.03	Mar 26, 2017	Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary code or crash the web service via the (1) ateFunc, (2) ateGain, (3) ateTxCount, (4) ateChan, (5) ateRate, (6) ateMacID, (7) e2pTxPower1, (8) e2pTxPower2, (9) e2pTxPower3, (10) e2pTxPower4, (11) e2pTxPower5, (12) e2pTxPower6, (13) e2pTxPower7, (14) e2pTx2Power1, (15) e2pTx2Power2, (16) e2pTx2Power3, (17) e2pTx2Power4, (18) e2pTx2Power5, (19) e2pTx2Power6, (20) e2pTx2Power7, (21) ateTxFreqOffset, (22) ateMode, (23) ateBW, (24) ateAntenna, (25) e2pTxFreqOffset, (26) e2pTxPwDeltaB, (27) e2pTxPwDeltaG, (28) e2pTxPwDeltaMix, (29) e2pTxPwDeltaN, and (30) readE2P parameters of the /goform/formWlanMP endpoint.
CVE-2017-2999	Hig	0.57	8.8	0.03	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2998	Hig	0.57	8.8	0.03	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2996	Hig	0.57	8.8	0.03	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2991	Hig	0.57	8.8	0.01	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
CVE-2017-2990	Hig	0.57	8.8	0.02	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
CVE-2016-5210	Hig	0.57	8.8	0.01	Jan 19, 2017	Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2016-5209	Hig	0.57	8.8	0.01	Jan 19, 2017	Bad casting in bitmap manipulation in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-2928	Hig	0.57	8.8	0.03	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2926	Hig	0.57	8.8	0.02	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2925	Hig	0.57	8.8	0.03	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7871	Hig	0.57	8.8	0.03	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7870	Hig	0.57	8.8	0.01	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7869	Hig	0.57	8.8	0.01	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7868	Hig	0.57	8.8	0.01	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7867	Hig	0.57	8.8	0.01	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution.
CVE-2016-8877	Hig	0.57	8.8	0.01	Oct 31, 2016	Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue.
CVE-2016-6990	Hig	0.57	8.8	0.04	Oct 13, 2016	Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989.

CVE-2017-5032HigApr 24, 2017
risk 0.57cvss 8.8epss 0.01
PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2017-5029HigApr 24, 2017
risk 0.57cvss 8.8epss 0.01
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
CVE-2016-10273HigMar 26, 2017
risk 0.57cvss 8.8epss 0.03
Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary code or crash the web service via the (1) ateFunc, (2) ateGain, (3) ateTxCount, (4) ateChan, (5) ateRate, (6) ateMacID, (7) e2pTxPower1, (8) e2pTxPower2, (9) e2pTxPower3, (10) e2pTxPower4, (11) e2pTxPower5, (12) e2pTxPower6, (13) e2pTxPower7, (14) e2pTx2Power1, (15) e2pTx2Power2, (16) e2pTx2Power3, (17) e2pTx2Power4, (18) e2pTx2Power5, (19) e2pTx2Power6, (20) e2pTx2Power7, (21) ateTxFreqOffset, (22) ateMode, (23) ateBW, (24) ateAntenna, (25) e2pTxFreqOffset, (26) e2pTxPwDeltaB, (27) e2pTxPwDeltaG, (28) e2pTxPwDeltaMix, (29) e2pTxPwDeltaN, and (30) readE2P parameters of the /goform/formWlanMP endpoint.
CVE-2017-2999HigMar 14, 2017
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2998HigMar 14, 2017
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2996HigFeb 15, 2017
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2991HigFeb 15, 2017
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
CVE-2017-2990HigFeb 15, 2017
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
CVE-2016-5210HigJan 19, 2017
risk 0.57cvss 8.8epss 0.01
Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2016-5209HigJan 19, 2017
risk 0.57cvss 8.8epss 0.01
Bad casting in bitmap manipulation in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-2928HigJan 11, 2017
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2926HigJan 11, 2017
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2925HigJan 11, 2017
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7871HigDec 15, 2016
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7870HigDec 15, 2016
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7869HigDec 15, 2016
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7868HigDec 15, 2016
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7867HigDec 15, 2016
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution.
CVE-2016-8877HigOct 31, 2016
risk 0.57cvss 8.8epss 0.01
Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue.
CVE-2016-6990HigOct 13, 2016
risk 0.57cvss 8.8epss 0.04
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989.