CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,014 vulnerabilities with CWE-119
CVE-2012-2046
Adobe Shockwave Player < 11.6.6.636 - Remote Code Execution via Memory Corruption
CVE-2012-2045
Adobe Shockwave Player < 11.6.6.636 - Remote Code Execution via Memory Corruption
CVE-2012-2044
Adobe Shockwave Player < 11.6.6.636 - Remote Code Execution via Memory Corruption
CVE-2012-2043
Adobe Shockwave Player < 11.6.6.636 - Remote Code Execution via Memory Corruption
CVE-2012-1525
Adobe Acrobat and Reader - Heap-based Buffer Overflow
CVE-2012-2524
Microsoft Office <2010 - Code Injection
CVE-2012-1888
Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 - Remote Code Execution via Crafted Visio File
CVE-2012-1853
Windows XP - Remote Code Execution via Remote Administration Protocol Stack Overflow
CVE-2012-1852
Windows XP SP2 and SP3 - Remote Code Execution via RAP Response Packet
CVE-2012-1526
Microsoft Internet Explorer 6 and 7 - Remote Code Execution via Memory Corruption
CVE-2012-4335
Samsung NET-i viewer 1.37.120316 - Denial of Service via Negative Size Value in TCP Request
CVE-2012-4333
Samsung NET-i viewer 1.37.120316 - Remote Code Execution via BackupToAvi Method
CVE-2012-4330
Samsung D6000 Firmware - Denial of Service via Long MAC Address Field
CVE-2012-4329
Samsung D6000 Firmware - Denial of Service via Crafted Controller Name
CVE-2012-3425
libpng < 1.0.58, 1.2.48, 1.4.10, 1.5.10 DoS via Large avail_in Field
CVE-2012-3401
libtiff < 4.0.2 - Denial of Service and Possible Remote Code Execution via Crafted TIFF Image
CVE-2012-4250
Samsung NET-i viewer 1.37 - Remote Code Execution via RequestScreenOptimization Function
CVE-2012-2863
Google Chrome < 21.0.1180.75 - Denial of Service via PDF Out-of-Bounds Write
CVE-2012-2745
Linux Kernel < 3.3.2 - Denial of Service via Invalid Session Keyring in copy_creds
CVE-2012-3438
GraphicsMagick - Denial of Service via Crafted PNG File
CVE-2012-3423
IcedTea-Web < 1.2.1 - Remote Code Execution via NPVariant NPString Handling
CVE-2012-3422
IcedTea-Web < 1.2.1 - Use-After-Free via Empty instance_to_id_map Hash
CVE-2012-1357
Cisco NX-OS 5.0-5.1 - Denial of Service via IGMP Packet Handling
CVE-2012-1344
Cisco IOS 15.1-15.2 - Authenticated Denial of Service via SSL VPN Portal Refresh
CVE-2012-1340
Cisco MDS 9000 NX-OS 4.2 and 5.2 - Denial of Service via Crafted FCIP Header
Details
Vulnerabilities 14,014
Exploit Likelihood High