VYPR

CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

BaseIncomplete

Description

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (456)

page 23 of 23
  • CVE-2017-18236MedMar 15, 2018
    risk 0.00cvss 5.5epss 0.02

    An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.

  • CVE-2017-18233MedMar 15, 2018
    risk 0.00cvss 5.5epss 0.02

    An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.

  • CVE-2017-18208MedMar 1, 2018
    risk 0.00cvss 5.5epss 0.01

    The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.

  • CVE-2017-18186MedFeb 13, 2018
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.

  • CVE-2017-18183MedFeb 13, 2018
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc.

  • CVE-2018-6196HigJan 25, 2018
    risk 0.00cvss 7.5epss 0.03

    w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.

  • CVE-2014-3584Oct 30, 2014
    risk 0.00cvss epss 0.07

    The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.

  • CVE-2013-2789Aug 22, 2013
    risk 0.00cvss epss 0.02

    The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial…

  • CVE-2012-6109Mar 1, 2013
    risk 0.00cvss epss 0.03

    lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header.

  • CVE-2011-2213Aug 29, 2011
    risk 0.00cvss epss 0.00

    The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink…

  • CVE-2010-3880Dec 10, 2010
    risk 0.00cvss epss 0.00

    net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple…

  • CVE-2009-2906Oct 7, 2009
    risk 0.00cvss epss 0.04

    smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.

  • CVE-2009-1270Apr 8, 2009
    risk 0.00cvss epss 0.05

    libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang.

  • CVE-2006-6499Dec 20, 2006
    risk 0.00cvss epss 0.04

    The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service…

  • CVE-2005-0851May 2, 2005
    risk 0.00cvss epss 0.02

    FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to cause a denial of service (infinite loop) via certain file uploads or directory listings.

  • CVE-2004-0753Oct 20, 2004
    risk 0.00cvss epss 0.06

    The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.