CVEbaza.plSłownik CWECWE-761
Common Weakness Enumeration

CWE-761

Free of Pointer not at Start of Buffer

Kategoria: VariantCVE: 2
Opis

Produkt wywołuje free() na wskaźniku do zasobu pamięci przydzielonego na stercie, jednak wskaźnik nie wskazuje na początek bufora. Takie działanie prowadzi do niezdefiniowanego zachowania i może spowodować błędy w zarządzaniu pamięcią.

Description (EN)

The product calls free() on a pointer to a memory resource that was allocated on the heap, but the pointer is not at the start of the buffer.

Podatności CVE z CWE-761 (2)
8.4
CVSS
HIGH
CVE-2025-47749

V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

pub. 2025-05-19
5.9
CVSS
MEDIUM
CVE-2024-31413

Free of pointer not at start of buffer vulnerability exists in CX-One CX-One CXONE-AL[][]D-V4 (The version which was installed with a DVD ver. 4.61.1 or lower, and was updated through CX-One V4 auto update in January 2024 or prior) and Sysmac Studio SYSMAC-SE2[][][] (The version which was installed with a DVD ver. 1.56 or lower, and was updated through Sysmac Studio V1 auto update in January 2024 or prior). Opening a specially crafted project file may lead to arbitrary code execution.

pub. 2024-05-01
Informacje
ID: CWE-761
Typ: Variant
Podatności: 2
MITRE CWE ↗
← Słownik CWE