How severe is CVE-2019-12678?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2019-12678?

This is classified as CWE-191, which is a common weakness in software security.

CVE-2019-12678 - HIGH Severity | CVSS 8.6

Vulnerability Description

A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash.

Related Vulnerabilities

CVE-2014-0497

HIGH

CVSS:8.8(High)

Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arb...

CWE-1912014

CVE-2017-14796

HIGH

CVSS:8.8(High)

The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via a...

CWE-1912017

CVE-2017-18170

HIGH

CVSS:8.8(High)

Improper input validation in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 4...

CWE-1912017

CVE-2018-14325

HIGH

CVSS:8.8(High)

In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.

CWE-1912018

CVE-2018-3999

HIGH

CVSS:8.8(High)

An exploitable stack-based buffer overflow vulnerability exists in the JPEG parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause a length ...

CWE-1912018

CVE-2019-5099

HIGH

CVSS:8.8(High)

An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code...

CWE-1912019