CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,012 vulnerabilities with CWE-119
CVE-2012-4711
KingView <6.52-6.55 - Buffer Overflow
CVE-2012-4700
IntegraXor SCADA Server <4.00.4250.0 - Buffer Overflow
CVE-2012-6352
IBM Sterling Connect:Direct through 4.1.0.3 - Denial of Service via Crafted Data
CVE-2012-5965
portable SDK for UPnP Devices 1.3.1 - Stack-based Buffer Overflow in SSDP DeviceType Field
CVE-2012-5964
portable SDK for UPnP Devices 1.3.1 - Remote Code Execution via SSDP ServiceType Field
CVE-2012-5963
portable SDK for UPnP Devices 1.3.1 - Remote Code Execution via SSDP UDN Field Buffer Overflow
CVE-2012-5962
portable SDK for UPnP Devices 1.3.1 - Remote Code Execution via SSDP DeviceType Field
CVE-2012-5961
libupnp 1.3.1 - Remote Code Execution via SSDP UDN Field Buffer Overflow
CVE-2012-5960
portable SDK for UPnP Devices < 1.6.18 - Stack-based Buffer Overflow via UDN Field in UDP Packet
CVE-2012-5959
UPnP SSDP M-SEARCH Information Discovery
CVE-2012-5958
libupnp < 1.6.18 - Remote Code Execution via SSDP Unique Service Name Parsing
CVE-2012-6530
Sysax Multi Server < 5.52 - Authenticated Stack-Based Buffer Overflow via HTTP Request
CVE-2012-4696
Beijer ADP <6.5.1-186_R2942 - Buffer Overflow
CVE-2012-4914
CoolPDF 3.0.2.256 - Buffer Overflow
CVE-2012-3278
HP Diagnostics Server <9.21 - Buffer Overflow
CVE-2012-6442 HIGH
Rockwell Automation EtherNet/IP Firmware - Denial of Service via Unauthorized CIP Message
CVSS 7.5
CVE-2012-6438 HIGH
Rockwellautomation Controllogix Controllers < 20 - Memory Corruption
CVSS 7.5
CVE-2012-6436 HIGH
Rockwellautomation Controllogix Controllers < 20 - Memory Corruption
CVSS 7.5
CVE-2012-5670
FreeType < 2.4.11 - Denial of Service via BDF Font ENCODING Field
CVE-2012-5669
FreeType < 2.4.11 - Denial of Service and Possible Remote Code Execution via BDF Font Parsing
CVE-2012-5668
FreeType < 2.4.11 - Denial of Service via BDF Font Allocation Error
CVE-2012-6096
Nagios Core < 3.4.4 / Icinga 1.6.x < 1.6.2, 1.7.x < 1.7.4, 1.8.x < 1.8.4 - Stack-Based Buffer Overflow
CVE-2012-3364
Linux Kernel < 3.4.5 - Stack-Based Buffer Overflow in NCI Frame Length Handling
CVE-2012-2137
Linux Kernel < 3.2.24 - Buffer Overflow in KVM MSI Routing Entry Setup
CVE-2012-2119
Linux Kernel < 3.4.5 - Denial of Service via MACVTAP Descriptor Buffer Overflow
Details
Vulnerabilities 14,012
Exploit Likelihood High