CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,011 vulnerabilities with CWE-119
CVE-2013-2723
Adobe Acrobat Reader < 9.5.5, 10.1.7, 11.0.03 - RCE and DoS via Memory Corruption
CVE-2013-2722
Adobe Acrobat Reader < 9.5.5, 10.1.7, 11.0.03 - Remote Code Execution or DoS
CVE-2013-2721
Adobe Reader/Acrobat <9.5.5,10.1.7,11.0.03 - Memory Corruption
CVE-2013-2719
Adobe Acrobat and Reader < 9.5.5, 10.1.7, 11.0.03 - Remote Code Execution or DoS via Memory Corruption
CVE-2013-2718
Adobe Acrobat Reader < 9.5.5, 10.1.7, 11.0.03 - Remote Code Execution or DoS
CVE-2013-1680
Firefox < 21.0 and Firefox ESR < 17.0.6 - Use-After-Free in nsFrameList::FirstChild
CVE-2013-1678
Firefox < 21.0 and ESR < 17.0.6 - Remote Code Execution via Glyph Handling
CVE-2013-1676
Firefox < 21.0 and Firefox ESR < 17.0.6 - Remote Code Execution via SelectionIterator Out-of-Bounds Read
CVE-2013-1346
Microsoft Malware Protection Engine < 1.1.9506.0 - Remote Code Execution via Crafted File
CVE-2013-1334
Microsoft Windows - Privilege Escalation
CVE-2013-1333
Microsoft Windows 7 SP1 - Buffer Overflow
CVE-2013-1332
Microsoft DirectX Graphics Kernel Subsystem - Privilege Escalation
CVE-2013-1320
Microsoft Publisher 2003 SP3 - Remote Code Execution via Crafted Publisher File
CVE-2013-1302
Microsoft Communicator <2007 R2 - RCE
CVE-2013-2021
Canonical Ubuntu Linux - Memory Corruption
CVE-2013-1918
Xen 4.1.x-4.2.x - Denial of Service via Deep Page Table Traversal
CVE-2013-0946
EMC AlphaStor 4.0 <build 910 - Buffer Overflow
CVE-2013-0726
ERDAS ER Viewer <13.00.0001 - Buffer Overflow
CVE-2013-1234
Cisco IOS XR - Authenticated Denial of Service via Crafted SNMP Packets
CVE-2013-1091
Novell iPrint Client <5.90 - Buffer Overflow
CVE-2013-1884
Apache Subversion 1.7.0-1.7.8 - Denial of Service via Invalid Log REPORT Request
CVE-2013-1846
Subversion 1.6.x < 1.6.21 and 1.7.0-1.7.8 - Authenticated Denial of Service via LOCK on Activity URL
CVE-2013-1845
Subversion 1.6.x < 1.6.21 and 1.7.0-1.7.8 - Authenticated Denial of Service via Property Manipulation
CVE-2013-1230
Cisco Unified Communications Domain Manager - DoS
CVE-2013-1914
glibc < 2.17 - Denial of Service via getaddrinfo Hostname/IP Address Processing
Details
Vulnerabilities
14,011
Exploit Likelihood
High