Vulnerabilities > CVE-2016-7544 - Resource Management Errors vulnerability in Cryptopp Crypto++ 5.6.4

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
cryptopp
CWE-399

Summary

Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _freea functions. The library will request a block of memory to align a table in memory. If the table is later reallocated, then the wrong pointer could be freed.

Vulnerable Configurations

Part Description Count
Application
Cryptopp
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)