CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2013-3116
Microsoft Internet Explorer <10 - Code Injection
CVE-2013-3114
Microsoft Internet Explorer <10 - Code Injection
CVE-2013-3113
Microsoft Internet Explorer 6-10 - Code Injection
CVE-2013-3112
Microsoft Internet Explorer 6-10 - Code Injection
CVE-2013-3111
Microsoft Internet Explorer <11 - Code Injection
CVE-2013-3110
Microsoft Internet Explorer 8-9 - Code Injection
CVE-2013-3673
FFmpeg < 1.2 - Denial of Service via Crafted GIF Data in gif_decode_frame
CVE-2013-3670
FFmpeg < 1.2 - Denial of Service via RLE Data in vmdav.c
CVE-2013-4082
Wireshark 1.8.x < 1.8.8 - Denial of Service via Ixia IxVeriWave File Parser
CVE-2013-4081
Wireshark 1.6.x < 1.6.16 and 1.8.x < 1.8.8 - Denial of Service via HTTP Dissector Recursion
CVE-2013-4080
Wireshark 1.8.x < 1.8.8 - Denial of Service via Assa Abloy R3 Dissector
CVE-2013-4079
Opensuse - Memory Corruption
CVE-2013-4077
Debian Linux - Memory Corruption
CVE-2013-4076
Debian Linux - Memory Corruption
CVE-2013-2850
Linux kernel <3.9.4 - Buffer Overflow
CVE-2013-1929
Linux Kernel < 3.8.6 - Heap-Based Buffer Overflow in tg3_read_vpd Function
CVE-2013-3950
iPhone OS 5.1.x and 6.x-6.1.3 - Stack-based Buffer Overflow via DYLD_SHARED_CACHE_DIR Environment Variable
CVE-2013-1023
Safari < 6.0.5 - Remote Code Execution via Memory Corruption
CVE-2013-1009
Safari < 6.0.5 - Remote Code Execution via Memory Corruption
CVE-2013-0984
Mac OS X <= 10.6.8 - Remote Code Execution in Directory Service
CVE-2013-0983
Mac OS X < 10.8.4 - Remote Code Execution via Crafted Text Glyph in Safari
CVE-2013-0975
Mac OS X < 10.8.4 - Remote Code Execution via Crafted PICT Image
CVE-2013-3475
IBM DB2 and DB2 Connect 9.1-10.1 - Local Privilege Escalation via Stack-Based Buffer Overflow in Audit Facility
CVE-2013-0509
IBM Tivoli Netcool <4.0.0 - Buffer Overflow
CVE-2013-0508
IBM Tivoli Netcool <4.0.1 - Buffer Overflow
Details
Vulnerabilities 14,011
Exploit Likelihood High