CWE-704
Allowed-with-ReviewIncorrect Type Conversion or Cast
Abstraction: Class · Status: Incomplete
The product does not correctly convert an object, resource, or structure from one type to a different type.
334 vulnerabilities reference this CWE, most recent first.
GHSA-FQRR-HWMJ-8PJ8
Vulnerability from github – Published: 2022-05-14 01:07 – Updated: 2022-05-14 01:07psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
{
"affected": [],
"aliases": [
"CVE-2018-19477"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-11-23T05:29:00Z",
"severity": "HIGH"
},
"details": "psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.",
"id": "GHSA-fqrr-hwmj-8pj8",
"modified": "2022-05-14T01:07:01Z",
"published": "2022-05-14T01:07:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19477"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:0229"
},
{
"type": "WEB",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=700168"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00036.html"
},
{
"type": "WEB",
"url": "https://semmle.com/news/semmle-discovers-severe-vulnerability-ghostscript-postscript-pdf"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3831-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4346"
},
{
"type": "WEB",
"url": "https://www.ghostscript.com/doc/9.26/History9.htm#Version9.26"
},
{
"type": "WEB",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ef252e7dc214bcbd9a2539216aab9202848602bb"
},
{
"type": "WEB",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;h=606a22e77e7f081781e99e44644cd0119f559e03"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106154"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FVCH-GJ67-RR73
Vulnerability from github – Published: 2022-05-13 01:04 – Updated: 2025-04-20 03:43Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2017-3106"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-11T19:29:00Z",
"severity": "HIGH"
},
"details": "Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.",
"id": "GHSA-fvch-gj67-rr73",
"modified": "2025-04-20T03:43:05Z",
"published": "2022-05-13T01:04:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3106"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2457"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201709-16"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/42480"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100190"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039088"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FVF2-C7JR-78F4
Vulnerability from github – Published: 2022-05-13 01:25 – Updated: 2022-05-13 01:25Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.
{
"affected": [],
"aliases": [
"CVE-2011-0482"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-01-14T17:00:00Z",
"severity": "MODERATE"
},
"details": "Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.",
"id": "GHSA-fvf2-c7jr-78f4",
"modified": "2022-05-13T01:25:10Z",
"published": "2022-05-13T01:25:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0482"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64673"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14662"
},
{
"type": "WEB",
"url": "http://code.google.com/p/chromium/issues/detail?id=68178"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/70465"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42951"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2011/dsa-2188"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/45788"
},
{
"type": "WEB",
"url": "http://www.srware.net/forum/viewtopic.php?f=18\u0026t=2054"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-G37Q-H7CJ-3QC4
Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2022-05-13 01:34This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getIcon method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6016.
{
"affected": [],
"aliases": [
"CVE-2018-14253"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-31T20:29:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getIcon method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6016.",
"id": "GHSA-g37q-h7cj-3qc4",
"modified": "2022-05-13T01:34:40Z",
"published": "2022-05-13T01:34:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14253"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-713"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G4J2-J4JP-8M59
Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the openList method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5377.
{
"affected": [],
"aliases": [
"CVE-2018-9943"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-05-17T15:29:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the openList method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5377.",
"id": "GHSA-g4j2-j4jp-8m59",
"modified": "2022-05-13T01:31:39Z",
"published": "2022-05-13T01:31:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9943"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-327"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G593-6GCM-GM4Q
Vulnerability from github – Published: 2022-05-14 01:13 – Updated: 2022-05-14 01:13A type confusion issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
{
"affected": [],
"aliases": [
"CVE-2018-4285"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-03T18:29:00Z",
"severity": "HIGH"
},
"details": "A type confusion issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.",
"id": "GHSA-g593-6gcm-gm4q",
"modified": "2022-05-14T01:13:09Z",
"published": "2022-05-14T01:13:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4285"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT208937"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G5C6-866R-Q623
Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the remove method of XFAScriptObject objects. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5017.
{
"affected": [],
"aliases": [
"CVE-2017-14825"
],
"database_specific": {
"cwe_ids": [
"CWE-704",
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-20T14:29:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the remove method of XFAScriptObject objects. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5017.",
"id": "GHSA-g5c6-866r-q623",
"modified": "2022-05-13T01:37:37Z",
"published": "2022-05-13T01:37:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14825"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-17-869"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G5XQ-M4V9-R6GR
Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2022-05-13 01:34This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the oneOfChild attribute. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5774.
{
"affected": [],
"aliases": [
"CVE-2018-14285"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-31T20:29:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the oneOfChild attribute. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5774.",
"id": "GHSA-g5xq-m4v9-r6gr",
"modified": "2022-05-13T01:34:37Z",
"published": "2022-05-13T01:34:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14285"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-745"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G6MC-765R-FWWJ
Vulnerability from github – Published: 2022-03-26 00:00 – Updated: 2022-04-08 00:00A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).
{
"affected": [],
"aliases": [
"CVE-2022-0322"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-25T19:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).",
"id": "GHSA-g6mc-765r-fwwj",
"modified": "2022-04-08T00:00:38Z",
"published": "2022-03-26T00:00:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0322"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G85X-GVX3-MQ74
Vulnerability from github – Published: 2022-05-13 01:30 – Updated: 2022-05-13 01:30MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4 file, because access to the data structure has different expectations about layout as a result of this type confusion.
{
"affected": [],
"aliases": [
"CVE-2018-14379"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-18T05:29:00Z",
"severity": "HIGH"
},
"details": "MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4 file, because access to the data structure has different expectations about layout as a result of this type confusion.",
"id": "GHSA-g85x-gvx3-mq74",
"modified": "2022-05-13T01:30:32Z",
"published": "2022-05-13T01:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14379"
},
{
"type": "WEB",
"url": "https://github.com/enzo1982/mp4v2/releases/tag/v2.1.0"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6YCHVOYPIBGM5HYUMQ77KZH2IHSITKVE"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRSO2IMK6P7MOIZWGWKONPIEHKBA7WL3"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISUIWPKBWPXORUFNWBGFTKQS7UUVUC4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2018/07/17/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.