CVE-2004-1940

MEDIUM Year: 2004
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

sipclient.cpp in KPhone 4.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a STUN response packet with a large attrLen value that causes an out-of-bounds read.

Related Vulnerabilities

CVE-2017-14451

CRITICAL
CVSS:10.0(Critical)

An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read which can subsequen...

CWE-1252017

CVE-2021-41556

CRITICAL
CVSS:10.0(Critical)

sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel s...

CWE-1252021

CVE-2024-22004

CRITICAL
CVSS:10.0(Critical)

Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application

CWE-1252024

CVE-2023-26489

CRITICAL
CVSS:9.9(Critical)

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x86_64 targets where address-mode computation mistakenly would calculate ...

CWE-1252023

CVE-1999-0006

CRITICAL
CVSS:9.8(Critical)

Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.

CWE-1251999

CVE-2014-2896

CRITICAL
CVSS:9.8(Critical)

The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact and vectors, which trigger memory corruption or an ou...

CWE-1252014