CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2013-2127
LibRaw < 0.15.1 - Buffer Overflow in Exposure Correction Code
CVE-2013-3199
Microsoft Internet Explorer <11 - Code Injection
CVE-2013-3198
Microsoft Windows - Memory Corruption
CVE-2013-3197
Microsoft Windows - Memory Corruption
CVE-2013-3196
Microsoft Windows - Memory Corruption
CVE-2013-3194
Microsoft Internet Explorer 9 - Memory Corruption
CVE-2013-3193
Microsoft Internet Explorer 9-10 - Memory Corruption
CVE-2013-3191
Microsoft Internet Explorer 9-10 - Memory Corruption
CVE-2013-3190
Microsoft Internet Explorer <10 - Code Injection
CVE-2013-3189
Microsoft Internet Explorer 8-9 - Code Injection
CVE-2013-3188
Microsoft Internet Explorer <9 - Code Injection
CVE-2013-3187
Microsoft Internet Explorer 9-10 - Code Injection
CVE-2013-3184
Microsoft Internet Explorer <10 - Code Injection
CVE-2013-3183
Microsoft Windows - Denial of Service via ICMPv6 Packet Handling
CVE-2013-3182
Microsoft Windows Server 2012 - DoS
CVE-2013-3181
Microsoft Windows XP/Server 2003 - RCE
CVE-2013-3464
Cisco IOS XR - Denial of Service via ICMP Echo Request Flood Handling
CVE-2013-4115
Opensuse - Memory Corruption
CVE-2013-4742
NetWin SurgeFTP <23d2 - Buffer Overflow
CVE-2013-2577
XnView < 2.04 - Remote Code Execution via Crafted PCT File
CVE-2013-2576
Artweaver < 3.1.6 - Buffer Overflow via Crafted AWD File
CVE-2013-1707
Mozilla Firefox < 23.0 and Firefox ESR 17.x < 17.0.8 - Stack-Based Buffer Overflow via Long Pathname
CVE-2013-1706
Mozilla Firefox < 23.0 and Firefox ESR < 17.0.8 - Local Privilege Escalation via Long Pathname
CVE-2013-1705
SeaMonkey < 2.20 - Remote Code Execution via CRMF Request Heap Buffer Underflow
CVE-2013-4679
Symantec Workspace Virtualization <6.4.1953.0 - Privilege Escalation
Details
Vulnerabilities 14,011
Exploit Likelihood High