Vulnerabilities > CVE-2016-7544 - Resource Management Errors vulnerability in Cryptopp Crypto++ 5.6.4

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
cryptopp
microsoft
CWE-399

Summary

Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _freea functions. The library will request a block of memory to align a table in memory. If the table is later reallocated, then the wrong pointer could be freed.

Vulnerable Configurations

Part Description Count
Application
Cryptopp
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)