CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2013-0082
Microsoft Office 2003 SP3 and 2007 SP3 - Remote Code Execution via Crafted WordPerfect Document
CVE-2013-6763
Linux Kernel < 3.2.53 - Memory Corruption via uio_mmap_physical
CVE-2013-4514
Linux kernel <3.12 - Buffer Overflow
CVE-2013-4513
Linux kernel <3.12 - Buffer Overflow
CVE-2013-4512
Linux kernel <3.12 - Buffer Overflow
CVE-2013-3986
IBM Lotus Sametime 8.5.2-8.5.2.1 - Denial of Service via Crafted Audio Visual Session
CVE-2013-5566
Cisco NX-OS < 5.0 - Denial of Service via VRRP AH Authentication
CVE-2013-5565
Cisco IOS XR 5.1 - Denial of Service via Malformed OSPFv3 LSA Type-1 Packet
CVE-2013-5562
Cisco Prime Central for Hosted Collaboration Solution - Denial of Service via TCP Packet Flood
CVE-2013-5387
IBM Platform Symphony <6.1.1 - Buffer Overflow
CVE-2013-5564
Cisco Prime Central for Hosted Collaboration Solution - Denial of Service via TCP Packet Flood
CVE-2013-5559
Cisco AnyConnect Secure Mobility Client 2.x - Remote Code Execution via Crafted HTML Document
CVE-2013-2058
Linux Kernel < 3.7.4 - Denial of Service via USB/Ethernet Adapter Traffic
CVE-2013-4416
Xen 4.1.x-4.3.x - Denial of Service via Large Message Reply
CVE-2013-4282
SPICE 0.12.0 - Denial of Service via Long Password in SPICE Ticket
CVE-2013-6075
strongSwan 4.3.3-5.1.1 - Denial of Service and Authentication Bypass via Crafted ID_DER_ASN1_DN ID
CVE-2013-5555
Cisco Unified Communications Manager - DoS
CVE-2013-5551
Cisco Adaptive Security Appliance Software - Authenticated Denial of Service via Clientless SSL VPN Portal
CVE-2013-4484
Varnish < 3.0.5 - Denial of Service via GET Request with Trailing Whitespace
CVE-2013-5604
Thunderbird ESR - Remote Code Execution via XSLT Processor Buffer Overflow
CVE-2013-5602
Mozilla Firefox <25.0 - Memory Corruption
CVE-2013-5596
Thunderbird < 24.1 - Remote Code Execution via Cycle Collection Race Condition
CVE-2013-5595
Mozilla Firefox <25.0 - Buffer Overflow
CVE-2013-4261
OpenStack Compute (Nova) Folsom and Grizzly - Denial of Service via Apache Qpid RPC Backend Error Handling
CVE-2013-5914
PolarSSL < 1.1.8 - Buffer Overflow via Long TLS 1.1 Packet
Details
Vulnerabilities 14,011
Exploit Likelihood High