Incorrect Pointer Scaling
CVE-2016-9843
Summary
The crc32_big function in crc32.c in zlib 1.2.0 through 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-468 - Incorrect Pointer Scaling
In C and C++, pointer arithmetic is implicitly scaled by the size of the pointed-to type, so it is easy to accidentally refer to the wrong memory when that scaling is overlooked or applied twice.
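A general illustration of CWE-468, added here as an example; it is not the zlib `crc32_big` code, and the names `table`, `offset_*` and `read_word` are hypothetical. It shows the byte offset that a correct, an over-scaled and an under-scaled index expression actually address, plus a bounds-checked reader that scales exactly once.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WORDS 64
static uint32_t table[WORDS]; /* constructed sample storage */

/* Byte distance from the start of table to p. */
static size_t byte_offset(const void *p) {
    return (size_t)((const unsigned char *)p - (const unsigned char *)table);
}

/* Correct: uint32_t* arithmetic already multiplies by sizeof(uint32_t). */
size_t offset_correct(size_t i) { return byte_offset(table + i); }

/* BUG (over-scaled): multiplying by sizeof on a typed pointer scales twice.
   Keep i <= WORDS / sizeof(uint32_t) so the pointer stays inside table. */
size_t offset_double_scaled(size_t i) {
    return byte_offset(table + i * sizeof(uint32_t));
}

/* BUG (under-scaled): after the cast to a byte pointer, +i moves i bytes. */
size_t offset_unscaled(size_t i) {
    return byte_offset((const unsigned char *)table + i);
}

/* Hardened reader: index a byte buffer as 32-bit words, scaling once and
   rejecting any index whose word would extend past len. Returns 0 or -1. */
int read_word(const unsigned char *buf, size_t len, size_t i, uint32_t *out) {
    if (len < sizeof *out || i > (len - sizeof *out) / sizeof *out)
        return -1;
    memcpy(out, buf + i * sizeof *out, sizeof *out); /* no alignment assumption */
    return 0;
}

int main(void) {
    printf("element 3: correct=%zu over-scaled=%zu under-scaled=%zu\n",
           offset_correct(3), offset_double_scaled(3), offset_unscaled(3));
    return 0;
}
```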