How severe is CVE-2016-9778?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2016-9778?

This is classified as CWE-388, which is a common weakness in software security.

CVE-2016-9778

MEDIUM Year: 2016

CVSS v3 Score

5.9

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-388

View all →

Vulnerability Description

An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1.

CVE-2015-9218

MEDIUM

CVSS:5.5(Medium)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450...

CWE-3882015

CVE-2016-10062

MEDIUM

CVSS:5.5(Medium)

The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via ...

CWE-3882016

CVE-2016-9588

MEDIUM

CVSS:5.5(Medium)

arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception ...

CWE-3882016

CVE-2017-5577

MEDIUM

CVSS:5.5(Medium)

The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local ...

CWE-3882017

CVE-2017-7616

MEDIUM

CVSS:5.5(Medium)

Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack...

CWE-3882017

CVE-2019-12380

MEDIUM

CVSS:5.5(Medium)

**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platfo...

CWE-3882019

CVE-2016-9778

Vulnerability Description

Related Vulnerabilities

CVE-2015-9218

CVE-2016-10062

CVE-2016-9588

CVE-2017-5577

CVE-2017-7616

CVE-2019-12380