VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (2,513)

page 24 of 126
  • CVE-2017-3099HigJul 17, 2017
    risk 0.58cvss 8.8epss 0.09

    Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-6891HigMay 22, 2017
    risk 0.58cvss 8.8epss 0.06

    Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility.

  • CVE-2017-3074HigMay 9, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3072HigMay 9, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3070HigMay 9, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3069HigMay 9, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2999HigMar 14, 2017
    risk 0.58cvss 8.8epss 0.04

    Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2998HigMar 14, 2017
    risk 0.58cvss 8.8epss 0.04

    Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2996HigFeb 15, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2991HigFeb 15, 2017
    risk 0.58cvss 8.8epss 0.09

    Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2990HigFeb 15, 2017
    risk 0.58cvss 8.8epss 0.10

    Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2928HigJan 11, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2927HigJan 11, 2017
    risk 0.58cvss 8.8epss 0.09

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2926HigJan 11, 2017
    risk 0.58cvss 8.8epss 0.10

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2925HigJan 11, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-7876HigDec 15, 2016
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-7874HigDec 15, 2016
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-7873HigDec 15, 2016
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-7871HigDec 15, 2016
    risk 0.58cvss 8.8epss 0.07

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-7870HigDec 15, 2016
    risk 0.58cvss 8.8epss 0.11

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.