CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,012 vulnerabilities with CWE-119
CVE-2012-5409
Siemens SiPass integrated < mp2.6 - Remote Code Execution via IOCP RPC Message Handling
CVE-2012-5671
Exim 4.70-4.80 - Remote Code Execution via DKIM DNS TXT Query Buffer Overflow
CVE-2012-4663
Cisco ASA/FWSM <8.3.2.25/4.1.7 - DoS
CVE-2012-4662
Cisco ASA/FWSM <8.3.2.25/4.1.7 - DoS
CVE-2012-4661
Cisco ASA/FWSM <8.3.2.34/8.4.4.4/8.5.1.13/8.6.1.3 - RCE
CVE-2012-4660
Cisco Adaptive Security Appliance Software 8.2-8.6 - Denial of Service via SIP Media-Update Packet
CVE-2012-4447
libtiff < 4.0.3 - Heap-Based Buffer Overflow via PixarLog Compression
CVE-2012-5470
VLC media player 2.0.3 - Denial of Service via Crafted PNG File
CVE-2012-4729
Wing FTP Server < 4.1.1 - Authenticated Denial of Service via Zip Commands
CVE-2012-3941
Cisco WebEx Recording Format Player T27 < SP32 EP10 and T28 < T28.4 - Remote Code Execution via Crafted WRF File
CVE-2012-3940
Cisco WebEx Recording Format Player T27 < SP32 EP10 and T28 < T28.4 - Remote Code Execution via Crafted WRF File
CVE-2012-3939
Cisco WebEx Recording Format Player T27 < SP32 EP10 and T28 < T28.4 - Remote Code Execution via Crafted WRF File
CVE-2012-3938
Cisco WebEx Recording Format Player T27 < SP32 EP10 and T28 < T28.4 - Remote Code Execution via Crafted WRF File
CVE-2012-3937
Cisco WebEx Recording Format Player T27 < SP32 EP10 and T28 < T28.4 - Remote Code Execution via Crafted WRF File
CVE-2012-3936
Cisco WebEx Recording Format Player T27 < SP32 EP10 and T28 < T28.4 - Remote Code Execution via Crafted WRF File
CVE-2012-5273
Adobe Shockwave Player <11.6.8.638 - Buffer Overflow
CVE-2012-4175
Adobe Shockwave Player < 11.6.8.638 - Remote Code Execution
CVE-2012-4174
Adobe Shockwave Player < 11.6.8.638 - Remote Code Execution
CVE-2012-4173
Adobe Shockwave Player < 11.6.8.638 - Remote Code Execution
CVE-2012-4172
Adobe Shockwave Player < 11.6.8.638 - Remote Code Execution
CVE-2012-4436
fwknop < 2.0.3 - Buffer Overflow via --last Command Line Argument
CVE-2012-4826
IBM DB2 9.1, 9.5, 9.7-9.8, 10.1 - Authenticated Stack-Based Buffer Overflow via Stored Procedure Debugging
CVE-2012-0306
Symantec Ghost Solution Suite <2.5.1 - RCE/DoS
CVE-2012-0227
ComponentOne FlexGrid 7.1 - Buffer Overflow via Archive Method
CVE-2012-4190
Firefox < 16.0 - Memory Corruption via FT2FontEntry::CreateFontEntry
Details
Vulnerabilities 14,012
Exploit Likelihood High