CVE-2018-10598

HIGH Year: 2018
CVSS v3 Score
8.1
High
CVSS v2 Score
5.8
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has two out-of-bounds read vulnerabilities could cause the software to crash due to lacking user input validation for processing project files. Which may allow an attacker to gain remote code execution with administrator privileges if exploited.

Related Vulnerabilities

CVE-2015-8763

HIGH
CVSS:8.1(High)

The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read.

CWE-1252015

CVE-2016-2374

HIGH
CVSS:8.1(High)

An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write le...

CWE-1252016

CVE-2016-7643

HIGH
CVSS:8.1(High)

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ImageIO" component. It allow...

CWE-1252016

CVE-2016-9573

HIGH
CVSS:8.1(High)

An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, poten...

CWE-1252016

CVE-2017-14245

HIGH
CVSS:8.1(High)

An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-p...

CWE-1252017

CVE-2017-14246

HIGH
CVSS:8.1(High)

An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-p...

CWE-1252017