How severe is CVE-2019-0006?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2019-0006?

This is classified as CWE-908, which is a common weakness in software security.

CVE-2019-0006 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms.

Related Vulnerabilities

CVE-2008-0081

CRITICAL

CVSS:9.8(Critical)

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Ma...

CWE-9082008

CVE-2015-8390

CRITICAL

CVSS:9.8(Critical)

PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other imp...

CWE-9082015

CVE-2018-25014

CRITICAL

CVSS:9.8(Critical)

A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().

CWE-9082018

CVE-2019-12730

CRITICAL

CVSS:9.8(Critical)

aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables.

CWE-9082019

CVE-2019-14052

CRITICAL

CVSS:9.8(Critical)

u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Ind...

CWE-9082019

CVE-2019-9641

CRITICAL

CVSS:9.8(Critical)

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

CWE-9082019