CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2013-4575
Symantec Backup Exec <2010 R3 SP3, <2012 SP2 - Buffer Overflow
CVE-2013-5019
Ultra Mini HTTPD 1.21 - Buffer Overflow
CVE-2013-4131
Subversion 1.7.0-1.7.10 and 1.8.x < 1.8.1 - Authenticated Denial of Service via COPY, DELETE, or MOVE Request
CVE-2013-2785
GE Intelligent Platforms Proficy HMI/SCADA - Buffer Overflow
CVE-2013-2220
Radius Extension for PHP < 1.2.7 - Buffer Overflow via Large VSA Length Value
CVE-2013-2174
curl 7.7-7.30.0 - Heap-Based Buffer Overflow via Crafted String Ending in Percent Character
CVE-2013-1377
Adobe Digital Editions 2.x - Remote Code Execution via Memory Corruption
CVE-2013-4934
Wireshark 1.8.x < 1.8.9 and 1.10.x < 1.10.1 - Denial of Service in Netmon File Parser
CVE-2013-4933
Wireshark 1.8.x < 1.8.9 and 1.10.x < 1.10.1 - Denial of Service in Netmon File Parser
CVE-2013-4920
Wireshark 1.10.x - Denial of Service via P1 Dissector Global Variable Initialization
CVE-2013-0723
Kingsoft Spreadsheets <8.1.0.3030 - Buffer Overflow
CVE-2013-3300
Lift < 2.5 - Authenticated Information Disclosure via JsonParser End-Index Mishandling
CVE-2013-3441
Cisco Aironet 3600 Series - Denial of Service via FlexConnect Mode Transition
CVE-2013-1606
Ubiquiti AirVision Firmware < 1.1.6 - Remote Code Execution via RTSP DESCRIBE Request
CVE-2013-3410
Cisco Intrusion Prevention System < 7.0(9)E4 - Denial of Service via Malformed IPv4 Packets
CVE-2013-1243
Cisco IPS Software < 7.1 - Denial of Service via Malformed IPv4 Packets
CVE-2013-1218
Cisco ASA 5500-X IPS-SSP <7.1(7)sp1E4 - DoS
CVE-2013-2688
BlackBerry QNX Neutrino RTOS <6.5.0 SP1 - Buffer Overflow
CVE-2013-2687
BlackBerry QNX Neutrino RTOS <6.5.0 SP1 - Buffer Overflow
CVE-2013-4685
Juniper Junos <10.4S14-12.1X44-D15 - RCE
CVE-2013-3245 MEDIUM
VideoLAN VLC Media Player <2.0.7 - DoS
CVSS 6.3
CVE-2013-1954
VLC media player < 2.0.5 - Denial of Service and Possible Remote Code Execution via ASF Demuxer
CVE-2013-1868
VLC media player < 2.0.4 - Remote Code Execution via Freetype Renderer and HTML Subtitle Parser
CVE-2013-3348
Adobe Shockwave Player <12.0.3.133 - Memory Corruption
CVE-2013-3345
Adobe Flash Player <11.7.700.232-11.8.800.94 - Memory Corruption
Details
Vulnerabilities 14,011
Exploit Likelihood High