CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,011 vulnerabilities with CWE-119
CVE-2013-1750
RealPlayer < 16.0.1.18 - Remote Code Execution via Malformed MP4 File
CVE-2013-0251
latd 1.25-1.30 - Stack-based Buffer Overflow via Long llogin Version String
CVE-2013-0915
Google Chrome OS <25.0.1364.173 - DoS
CVE-2013-2492
Firebird <2.1.5-2.5.3 - Buffer Overflow
CVE-2013-0976
Mac OS X < 10.8.3 - Remote Code Execution via Crafted Graphics Image
CVE-2013-1794
OpenAFS < 1.6.2 - Authenticated Buffer Overflow via Long Fileserver ACL Entry
CVE-2013-1049
cfingerd 1.4.3-3 - Buffer Overflow via RFC1413 Ident Response
CVE-2013-1375
Adobe Flash Player < 11.6.602.180 - Heap-based Buffer Overflow
CVE-2013-1371
Adobe Flash Player < 11.6.602.180 - Remote Code Execution via Memory Corruption
CVE-2013-0086
Microsoft OneNote 2010 SP1 - Information Disclosure via Crafted OneNote File
CVE-2013-0085
Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 - Denial of Service via Crafted URL
CVE-2013-2557
Microsoft Internet Explorer 9 - Memory Corruption
CVE-2013-2496
FFmpeg < 1.1.3 - Denial of Service via Crafted Microsoft RLE Data
CVE-2013-0249
curl and libcurl 7.26.0-7.28.1 - Stack-Based Buffer Overflow via SASL DIGEST-MD5 Realm Parameter
CVE-2013-0402
JavaFX < 2.2.7 - Remote Code Execution via Heap-Based Buffer Overflow
CVE-2013-2493
Google Chrome Frame <26.0.1410.28 - DoS
CVE-2013-2477
Wireshark 1.8.x < 1.8.6 - Denial of Service in CSN.1 Dissector
CVE-2013-1493
Oracle JRE < 1.7.0 - Remote Code Execution via Crafted Image Raster Parameters
CVE-2013-0906
Google Chrome <25.0.1364.152 - Memory Corruption
CVE-2013-0904
Google Chrome <25.0.1364.152 - Memory Corruption
CVE-2013-0288
nss-pam-ldapd < 0.7.18 and 0.8.x < 0.8.11 - Stack-Based Buffer Overflow via FD_SET Macro Misuse
CVE-2013-0710
Kingsoft Writer 2007 and Writer 2010 < 2724 - Remote Code Execution via Crafted RTF Document
CVE-2013-0183
Rack 1.3.0-1.3.7 and 1.4.0-1.4.2 - Denial of Service via Long String in Multipart HTTP Packet
CVE-2013-1141
Cisco Wireless LAN Controller Software < 7.4.1.54 - Authenticated Denial of Service via mDNS Snooping
CVE-2013-1773
Linux Kernel < 3.3 - Buffer Overflow in VFAT Filesystem UTF-8 to UTF-16 Conversion
Details
Vulnerabilities
14,011
Exploit Likelihood
High