CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,999 vulnerabilities with CWE-119
CVE-2017-3054 HIGH
Adobe Acrobat Reader <= 11.0.19, <= 15.006.30280, <= 15.023.20070 - Memory Corruption via EMF File Parsing
CVSS 7.8
CVE-2017-3049 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Remote Code Execution via TIFF Image Conversion
CVSS 7.8
CVE-2017-3048 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Heap Overflow via TIFF Image Conversion
CVSS 7.8
CVE-2017-3042 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Heap Overflow via TIFF Image Parsing
CVSS 7.8
CVE-2017-3041 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Corruption via Font Data Parsing
CVSS 7.8
CVE-2017-3040 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Corruption in JBIG2 Module
CVSS 7.8
CVE-2017-3039 HIGH
Adobe Acrobat and Reader < 11.0.19, 15.006.30280, 15.023.20070 - Memory Corruption in PPKLite Security Handler
CVSS 7.8
CVE-2017-3038 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Corruption via TTF Stream Parsing
CVSS 7.8
CVE-2017-3037 CRITICAL
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Remote Code Execution via JavaScript Engine
CVSS 9.8
CVE-2017-3030 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Corruption in AES Module
CVSS 7.8
CVE-2017-3029 LOW
Adobe Acrobat and Reader Memory Address Leak via JPEG 2000 Code-Stream Handling
CVSS 3.3
CVE-2017-3028 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Corruption via TIFF Image Processing
CVSS 7.8
CVE-2017-3025 HIGH
Adobe Acrobat Reader Memory Corruption Arbitrary Code Execution
CVSS 7.8
CVE-2017-3024 HIGH
Adobe Acrobat Reader <= 11.0.19, <= 15.006.30280, <= 15.023.20070 - Memory Corruption via PDF Annotation Manipulation
CVSS 7.8
CVE-2017-3023 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Corruption in JPEG 2000 Tile Processing
CVSS 7.8
CVE-2017-3020 LOW
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Address Leak in Weblink Module
CVSS 3.3
CVE-2017-3018 HIGH
Adobe Acrobat Reader <= 11.0.19, <= 15.006.30280, <= 15.023.20070 - Memory Corruption in Renderer
CVSS 7.8
CVE-2017-3017 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Corruption via Malformed PDF File
CVSS 7.8
CVE-2017-3015 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Corruption in JBIG2 Parser
CVSS 7.8
CVE-2017-3004 HIGH
Adobe Photoshop CC <= 17.0.1 and <= 18.0.1 - Memory Corruption via PCX File Parsing
CVSS 7.8
CVE-2017-0205 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-0202 HIGH
Internet Explorer - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-0201 HIGH
Internet Explorer 9 and 10 - Remote Code Execution via JScript and VBScript Engine Memory Corruption
CVSS 7.5
CVE-2017-0200 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-0106 HIGH
Microsoft Outlook 2010 SP2, 2013 SP1, 2016 - Remote Code Execution via Crafted Document
CVSS 7.8
Details
Vulnerabilities 13,999
Exploit Likelihood High