CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2013-4068
IBM Lotus Domino 8.5.3-9.0 - Authenticated Buffer Overflow in iNotes
CVE-2013-5139
iPhone OS < 6.1.4 - Remote Code Execution via IOSerialFamily Driver
CVE-2013-5128
iPhone OS < 6.1.4 - Remote Code Execution via WebKit Memory Corruption
CVE-2013-5127
iPhone OS < 6.1.4 - Remote Code Execution via WebKit Memory Corruption
CVE-2013-5126
iPhone OS < 6.1.4 - Remote Code Execution via WebKit Memory Corruption
CVE-2013-5125
iPhone OS < 6.1.4 - Remote Code Execution via WebKit Memory Corruption
CVE-2013-1047
iPhone OS - Remote Code Execution via Crafted Web Site
CVE-2013-1046
iPhone OS < 6.1.4 - Remote Code Execution via WebKit Memory Corruption
CVE-2013-1045
iPhone OS < 6.1.4 - Remote Code Execution via WebKit Memory Corruption
CVE-2013-1044
iPhone OS < 6.1.4 - Remote Code Execution via WebKit Memory Corruption
CVE-2013-1043
iPhone OS < 6.1.4 - Remote Code Execution via WebKit Memory Corruption
CVE-2013-1042
iPhone OS < 6.1.4 - Remote Code Execution via WebKit Memory Corruption
CVE-2013-1041
iPhone OS - Remote Code Execution via WebKit Memory Corruption
CVE-2013-1040
WebKit in Apple iTunes < 11.1.3 and Safari < 6.0.5 - Remote Code Execution via Crafted Web Site
CVE-2013-1039
iTunes < 11.1.3 - Remote Code Execution via Crafted Web Site
CVE-2013-1038
Safari < 6.0.5 - Remote Code Execution via Memory Corruption
CVE-2013-1037
Safari < 6.0.5 - Remote Code Execution via Memory Corruption
CVE-2013-1036
iPhone OS < 6.1.4 - Remote Code Execution via Crafted XML Document
CVE-2013-1035
Apple iTunes < 11.1 - Remote Code Execution via ActiveX Control
CVE-2013-1736
SeaMonkey < 2.21 - Remote Code Execution via Range-Request Node Parent-Child Relationship
CVE-2013-1732
Firefox < 24.0 and ESR 17.x < 17.0.9 - Remote Code Execution via Multi-Column Layout Buffer Overflow
CVE-2013-1730
Thunderbird < 24.0 and ESR < 17.0.9 - Remote Code Execution via XBL Node Movement
CVE-2013-1728
SeaMonkey < 2.21 - Information Disclosure via Uninitialized Memory in IonMonkey
CVE-2013-1725
Mozilla Firefox/Thunderbird/SeaMonkey Remote Code Execution via JavaScript Object Scope Handling
CVE-2013-1723
Thunderbird < 17.0.9 - Denial of Service via NativeKey Widget Event Handling
Details
Vulnerabilities 14,011
Exploit Likelihood High