How severe is CVE-2019-0008?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2019-0008?

This is classified as CWE-121, which is a common weakness in software security.

CVE-2019-0008

CRITICAL Year: 2019

CVSS v3 Score

9.8

Critical

CVSS v2 Score

7.5

High

Weakness Type

CWE-121

View all →

Vulnerability Description

A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2, 17.3R4; 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1, 18.1R4; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2.

CVE-2014-9163

CRITICAL

CVSS:9.8(Critical)

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code ...

CWE-1212014

CVE-2014-9189

CRITICAL

CVSS:9.8(Critical)

Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that coul...

CWE-1212014

CVE-2015-1006

CRITICAL

CVSS:9.8(Critical)

A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versio...

CWE-1212015

CVE-2016-6563

CRITICAL

CVSS:9.8(Critical)

Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, U...

CWE-1212016

CVE-2017-12194

CRITICAL

CVSS:9.8(Critical)

A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbi...

CWE-1212017

CVE-2017-12706

CRITICAL

CVSS:9.8(Critical)

A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validati...

CWE-1212017

CVE-2019-0008

Vulnerability Description

Related Vulnerabilities

CVE-2014-9163

CVE-2014-9189

CVE-2015-1006

CVE-2016-6563

CVE-2017-12194

CVE-2017-12706